I am trying to figure out the safest method to allow users to execute CGI scripts. My first thought was to use a ScriptAliasMatch to move all of the users cgi-bin directory out of the public_html directory, but the SuExec mechanism will not allow this.
My second thought was to turn on the "AddHandler cgi-script cgi" but does this pose a security risk? What I did was to add a directory statement for "/home/*/public_html/cgi-bin" and added the option ExecCGI. I have it working I am just wanting input into the security aspect of this? I am the only user of the system so it is not aspect for this system, but in a production environment what would be the best solution for allowing users execute their own CGIs. Thanks, Chad _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
