soffen has asked for the wisdom of the Perl Monks concerning the following question:

I have some CGI scripts deep withing my directory structure that I frequently access via my browser (my scripts must be in the cgi-bin or they won't be executed). Having recently discovered (forgive me my ignorance) symbolic links, I created a symbolic link in my web accessible folder (parent to my cgi-bin) to the folder containing my CGI scripts. I created it using the following syntax:

symlink (NEW_LINK_PATH,FOLDER_LOCATION_PATH);

And this works fine. I can see it in my <web-based-file-manager-application>, and when I click on it it is properly linked to the folder in question.

All of my scripts can be accessed just fine when going to

http://www.myserver.com/cgi-bin/<longpath>/script.cgi

However when attempting

http://www.myserver.com/<symbolic link>/script.cgi

I get a 403 forbidden error. What do I need to do differently? Permissions on the symbolic link are 755.

Replies are listed 'Best First'.
Re: Accessing symbolic links from a browser
by tadman (Prior) on Aug 08, 2002 at 00:03 UTC
    For security reasons, Apache turns off symlink following by default. This prevents people from doing things like grabbing sensitive files and such.

    Maybe what you need is set your Options:
    Options +FollowSymLinks
    This can go in your .htaccess if you are allowed to override it. This could require modifying your base httpd.conf file to allow this. I usually just let anyone do anything on any server to which there is controlled access:
    AllowOverride All
    What might also be causing the trouble is that your script is no longer inside the /cgi-bin directory. You might need to assign the proper handler:
    AddHandler cgi-script .cgi
    For mod_perl this would be, of course, perl-script.
[reply]
[d/l]
[select]
Re: Accessing symbolic links from a browser
by valdez (Monsignor) on Aug 08, 2002 at 00:51 UTC

    Let's assume that you are using Apache. You can't do what you described because cgi-scripts are activated with a directive named ScriptAlias. This means that you (or the admins) are aliasing (mapping) the url of your script to a particular path. Basically, Apache translates every request beginning with /cgi-bin/... to <somepath>/... Therefore, if you omit /cgi-bin/ (like in your attempt), the httpd daemon does not recognize your scripts.

    Activating Options +FollowSymlinks (or +SymLinksIfOwnerMatch) will not help you. Options +ExecCGI can be very helpful, because it asks Apache to run files marked as executable; but beware of the possible risks involved in this approach.

    Hope this helps. Ciao, Valerio

[reply]
•Re: Accessing symbolic links from a browser
by merlyn (Sage) on Aug 08, 2002 at 00:03 UTC
    You don't say if you're using Apache. But if you are, I know that Apache is usually configured based on real paths, not symbolic link paths.

    -- Randal L. Schwartz, Perl hacker

[reply]
Re: Accessing symbolic links from a browser
by BUU (Prior) on Aug 07, 2002 at 23:54 UTC
    If you have access to .htaccess and mod_rewrite you and do 'l33t' things with rewriting to shorten paths down and so forth...
[reply]

Back to Seekers of Perl Wisdom