I'm trying to find a host that lets you use 'C' executables as CGI. They all give you a cgi-bin that lets you run Perl but I want to run my code in compiled 'C'. I think the only way they would do this if I signed up for a dedicated server or do the co-location thing. True?

You will need shell access and compiler tools. Some hosts should be able to offer that, but I've never had a reason to ask around. A VPS would also work, if your site is too small to justify a dedicated.

Out of curiousity how does C work as cgi? Know of any good online resources?

Originally posted by Froggy
Out of curiousity how does C work as cgi? Know of any good online resources?

The program is executed, the webserver gets the output of the program, and sends it to the browser. The only tricky part is remembering to put -at least- the Content-type header in the output before the actual content of the page. Well, not really the only tricky part, but unless you're trying to do stuff like work with post data, it's fairly easy if you know C.

Shouldn't you be able to just drop the executable into your cgi-bin directory and chmod 755 the file? You may have to compile it statically from home if your host doesn't let you compile. But I don't really know of any host that wouldn't let you.

That didn't really answer me...for example how to you get all the environment varibles that you have via Cgi?

Any host that let people execute C code in their cgi-bin would be in business for long.

It's perfectly safe allowing C to run in cgi-bin if you're machine is secure. It's just as secure as giving someone a shell account.

There are functions in C for getting the environment variables. I believe:

char * getenv ( const char * varname );

is in stdlib.h

drhowarddrfine:

Like the post above said, compile it statically on your local machine, upload, set as executable.

You won't find shared hosts with a compiler available, so if you don't have a linux machine at home then either get one, or go with a VPS/Dedicated solution.

Froggy: http://www.boutell.com/cgic/#whatis

there are shared hosts with compilers enabled (trust me, i cant really prove it without self promoting...). When I was a hosting customer, every host I had supplied it. For example, dreamhost allows you to compile.

How do they prevent you from mallocing large blocks of memory? You can put limits on the amount of memory a php script can use, I don't see how you can do this for C. You have to be extremely trusting of your users.

I'm sure there are hosts that do it...but it seems like a huge mistake. How do you avoid all the security problems? The server crashes?

cgi is executed as the user who owns it. Linux has a way to set limits on how much memory, cpu time, and such a user is allowed to use. You can set these (usually) in /etc/security/limits.conf.

Here are the comments for what you can limit:


# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit
# - maxlogins - max number of logins for this user
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold


The C program will be run as the user, and will run with the user's limits. We also have php run as the user who owns it, and have these limits apply to php as well.

Combined with grsecurity and a chroot environment, it is a very secure system.