Hi, How can stop people from creating a cgi script like this one i created below which gets the contents of /etc/passwd ? Can i jail CGI somehow? test.cgi Code: #!/bin/bash echo "Content-Type: text/plain" echo "" cat /etc/passwd Thanks, Alex
Unfortunately there's nothing lie PHP Safe mode for Perl CGI scripts. This is an interesting discussion I found: http://gallery.menalto.com/node/3017
Hi, I just found somthing perfect!!!!! Look: http://stein.cshl.org/software/sbox/ As long as i can get it to work then its great, Thanks, Alex
As far as I know, suphp is also able to run cgi scripts (not just php scripts) under the correct user and chroot them.
Hi, Sounds good is there a tutorial anywhere about howto chroot CGI scripts with suphp? I will have to remove CGI access otherwise Thanks, Alex
I'am not aware of a tutorial. But you should get it to work with the suphp manual as well as it documents all configuration options incl. chrooting.
