Re^2: Perl and Apache 1.3

In regard to letting Apache server the files, rather than output them, I'm pretty sure the reason we're doing it this way is because we're trying to keep it so certain files are secure and unavailable to other users.

If there's an easy way to do this and still have security, please let me know. All of our users access our database and files as a generic web user, not as themselves, if that answers a future question...

Comment on Re^2: Perl and Apache 1.3

Replies are listed 'Best First'.
Re^3: Perl and Apache 1.3 by CountZero (Bishop) on Oct 11, 2009 at 21:36 UTC
It's a long time ago I used Apache 1.3 (long since switched to Apache 2), but IIRC even Apache 1.3 was able to use a basic authentification and authorisation system which can distinguish between users and the files which they have access to. Actually, if you allow your users to run a cgi-script which serves the file, what is the difference with allowing them to access that file directly? Or does the script itself run an authentification/authorisation scheme? CountZero A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James	[reply]
Re^4: Perl and Apache 1.3 by Heffstar (Acolyte) on Oct 13, 2009 at 04:31 UTC
Yes, we do have our own security scheme that's utilized through the scripts so I'm not sure if that will work... but I'm open to suggestions.	[reply]