HI

Using Cpanel software, I have two directories:
cgi-bin
scgi-bin

Anybody please educate me, in simple terms, what scgi-bin does?


The help file says 'allows your userid to perform cgi script processes', but cgi-bin does that too.

Thanks
Dave

Originally posted by thednt
HI

Using Cpanel software, I have two directories:
cgi-bin
scgi-bin

Anybody please educate me, in simple terms, what scgi-bin does?


The help file says 'allows your userid to perform cgi script processes', but cgi-bin does that too.

Thanks
Dave

The scgi-bin directory, used a CGI wrapper to run CGI programs as the user's own user and group ID's, instead of the web server's global user. This allows you to set lower permissions on files too, to protect anyone but your user (and the web server) from executing or viewing them. Note, that when I say the web server, I mean, it can only execute them, and no one can view your source, not even the global user, whereas it can for files in the cgi-bin directory, unless a CGI wrapper like SuEXEC is implemented for your entire account on your virtual host directive in the web server. More information about SuEXEC can be found at http://www.apache.org under the "web server" section.

Thanks

Basically then, if I had a script that somebody had written and they wanted to keep it private from everybody else, then could make it that only their own ftp/telnet/cpanel username and password could view the script itself.

Is this correct?

Many thanks
DAve

That's basically it. You set the permissions (say at 700), so only the user that has the file in their scgi-bin directory, can view or execute it. The web server (Apache in this case), will still be able to execute it normally, since it's running it with that user's ID due to the CGI wrapper. I personally don't like the scgi-bin implementation, as it's no where near as good or advanced as SuEXEC, but with Cpanel, you can't use SuEXEC without it creating errors on the web sites due to how it sets up and uses global scripts for certain tasks and whatnot. The Cpanel won't error, but the global scripts, mailing lists and Cpanel redirect scripts, etc. will give internal server errors. Simply chalk it up to poor designing of Cpanel.

Thanks

Hmm....SuEXEC works perfectly fine for us :D
Just get rid of the useless and poorly written global scripts since users can upload better ones to use anyway. Or rather, not get rid of them but simply take the links to them out of the global user CPanel interface by editing the templates..

Built in guestbook(and other junk) -vs- security .. I choose security..

I wonder how many hosts using CPanel are also using SuEXEC? If not, you should be since CPanel is so weak in security.. I'm sure Tim would be happy to explain in his next encyclopedia, err, posting :rolleyes:

Even Tim's sig is longer then anyone elses. :D :D :D

Originally posted by Webdude
Hmm....SuEXEC works perfectly fine for us :D
Just get rid of the useless and poorly written global scripts since users can upload better ones to use anyway. Or rather, not get rid of them but simply take the links to them out of the global user CPanel interface by editing the templates..

Built in guestbook(and other junk) -vs- security .. I choose security..

I wonder how many hosts using CPanel are also using SuEXEC? If not, you should be since CPanel is so weak in security.. I'm sure Tim would be happy to explain in his next encyclopedia, err, posting :rolleyes:

Well, it better work, since the last thing I recall, is I set it up for you on that server. I was simply letting him know that there are better options, but that Cpanel will error. Of course, changing some things around, as was done on the server, will resolve some of those problems, or most of them, but that not everyone will want to make those changes -- even if you and I are one of many that would suggest they'd be for the better. And, hey, Webdude, don't roll yer' eyes at me.. I'll beat you, man! :-)