in reply to Installing a cgi app with cgi

what's your definition of a "secure install"? in my opinion, if you can password up what needs to be secure, and anyone who's not allowed in there doesn't have the password (among other standard security precautions), you have yourself a secure install.

are you talking about installing it securely on the system so as to say nothing is corrupted, etc.? if so, you may have to delve into your respective server's docs (i'm assuming apache since you're talking about suexec, although i'm not sure that's limited to apache) to find out other user ID systems for the server to run under

hope this helps.

UPDATEHere's a link to the Apache suEXEC docs: http://httpd.apache.org/docs/trunk/suexec.html. It should cover all that you need to know about suEXEC.

meh.

Replies are listed 'Best First'.
Re^2: Installing a cgi app with cgi
by banjo (Initiate) on Aug 19, 2006 at 09:13 UTC
    By 'Secure Install', i mean one where the files are owned by the user and not some 'nobody' uid that the server is running as.

    My problem is that there are so many varieties of server setups, that each need to be handled differently. I can handle it if i am overseeing the install myself, but with so many nontechnical people needing help, i'd like to automate the process as much as possible.

[reply]

In Section Seekers of Perl Wisdom