CGI support - Sorry to bring it up
francis at daoine.org
Mon May 12 23:34:30 UTC 2014
On Thu, May 08, 2014 at 03:11:24PM +0100, Lyle wrote:
> For some of our old Perl CGI scripts we've hit the issue I'm sure
> most of you are familiar with. I've searched for solutions and have
> found a number, all of which have various caveats. It's unclear as
> to what they best way to deal with this is. Along with plain CGI
> (and fastcgi) suexec is an important security feature to ensure that
> compromised scripts don't have permission to wreak havoc on other
> user accounts, and run things with tight permissions (along with
> sorting our FTP script upload issues you can have).
I may be being slow here, but: what's the specific issue you're concerned
suexec is a way for a (CGI) script-processing server to run scripts
under a separate user account.
nginx doesn't do CGI.
nginx does most kinds of "active" content by being a client to another
server which actually does the work. That server could run suexec,
I suppose, or it could run everything under a separate user account.
Francis Daly francis at daoine.org
More information about the nginx