cgi-bin dir prmissions

From: Roeland Th. Jansen (bengel_at_grobbebol.xs4all.nl)
Date: 10/09/03


Date: Thu, 9 Oct 2003 17:18:48 +0000 (UTC)

hi all,

on a system I recently was asked to administer, the following was seen :

drwxr-xrwx 7 root root 4.0K Oct 9 19:16 cgi-bin/
drwxr-xr-x 5 root root 4.0K Aug 25 22:53 htdig/
drwxr-xr-x 14 root root 4.0K Sep 13 16:09 htdocs/

note the cgi-bin permissions. under htdocs there is the rootdir of the
pages displayed.

I have been told that this rwx was necessary to be able to have
awstats's webpage update function to work. I checked the docs and that
indeed says that you need rwx access.

however, is this secure ? I tend not to like this kind of access to such
a directory. anyone else who can share some thoughts ?

Roeland

-- 
Grobbeool's Home                       |  Don't give in to spammers.   -o)
http://www.xs4all.nl/~bengel           | Use your real e-mail address   /\
Linux 2.4.21  UP 1200MHz celeron/1.5GB |        on Usenet.             _\_v