FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


PERL scripts + directories





dayveday
Hi all,

Is there any problem with setting PERL scripts to execute in the home directory of my site? I'm using this .htaccess file in my public_html directory:

Code:
Options +ExecCGI
AddHandler cgi-script .cgi .pl


Is there really any security worries with this? In other hosts I've used previously, PERL was enabled by default in all directories. I'm not sure what extra security the 'cgi-bin' provides.

Thanks
qscomputing
Basically, a CGI is a program that you run on your server, which in itself can be considered a security risk (would I trust a program that you've written and I've never seen to be run on MY computer? Answer: no). It is generally the user's responsibility to ensure that his scripts are secure, but the server administrator provides a mechanism to help that. For example, another webhosting company mandates that all CGIs must be in the cgi-bin and only be writable by the user who created them.

Only being able to execute programs from the cgi-bin directory means that you only need to think about security wrt executables on that directory; if you're just serving static HTML files you can be a lot less vigilant about security - so by putting CGIs only in one directory, you are making your life easier by simplifying your security issues.

HTH.
Related topics
Ip Banning Using Php
writing COM components in Perl
Best Freeware
SimplytheBest Scripts
Perl modules in PHP?
LWP::Simple Perl Module - Admin(s) Please :)
Documentation for Perl scripts on server?
Location of perl??
What happened to Perl?
HELP needed with basic Email perl script.
Apache
[Solved] Perl scripts
Running local perl scripts in open SuSE 10.3
Do you still use PERL?
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.