[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: .htaccess



At 07:52 AM 8/9/97 +0300, Michael wrote:
>
>In directory /cgi-bin I have sub directory /cgi-bin/first and in this
>directory I have sub directory /cgi-bin/first/second.
>
>	In last directory I have program "aaa" that I run.
>
>	So, I want only some people can run this program.
>
>	How to do it??? I wrote article in Apache Journal, did as shown there. But
>with no success.

First let me note that permissions to run a CGI script (or access any other
resource) via the HTTP server is different than the UNIX file system
permissions. As long as the CGI script is runnable by nobody, everyone who
can access that resource may run it.

What you require is HTTP authentication, and there is more than one Apache
directive that deals with it. Take a look at:
http://download.netvision.net.il/apache/docs/mod/directives.html
at all directives that start with Auth, or maybe search for that keyword.
Also review 
http://download.netvision.net.il/apache/docs/misc/security_tips.html
which has a small example about how to do it. I remember dealing with it
and it wasn't too hard. (one has to prepare a user-password authentication
file) However, it may be possible that you can only set permissions to
directories and not to single files. Thus, if you wan't other scripts
within the /cgi-bin/first/second directory to be accessible by different
users, you should place aaa in a separate sub-dir beneath it.

Hope it helps.

	Shlomi Fish



-----------------------------------------------------------------------------
Shlomi Fish                                Smart Link Ltd.
Home E-mail: shlomif@ibm.net               Work E-mail: shlomi@slink.co.il
Home Page: http://www.slink.co.il/~shlomi

"If I had not been insane already, I would have long ago driven myself mad."

                            The Enemy and how I Helped to Fight it.
-----------------------------------------------------------------------------


References: