On Fri, Mar 14, 2014 at 7:01 PM, Jerry Stuckle <jstuc...@attglobal.net> wrote: > On 3/14/2014 9:20 PM, Peter Michaux wrote: >> >> Hi, >> >> The default virtual host when Apache is installed on Debian has >> document root /var/www and a cgi-bin directory /usr/lib/cgi-bin. These >> directories do not make intuitive sense to me. If I have static HTML >> pages and some Perl CGI scripts, I would expect they go somewhere >> under /usr/share/. What is the rational behind the chosen default >> directories? >> >> Thanks, >> Peter >> > No way would I want a web user to have access to what's in /usr/share. It > would be a huge security exposure to allow a website user access to other > files in the directory.
How would access to one directory allow access to other directories in /usr/share ? If access to a subdirectory of /usr/share is a concern then doesn't access to /usr/lib/cgi-bin cause the same concern for /usr/lib ? Peter -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAG0y48C-d9xqTOJ0C6fBV=q4bua5w9fzkmjr4svvrnetm3d...@mail.gmail.com
