Pixelpost

Authentic Photoblog Flavour


Go Back   Pixelpost Forum > MISCELLANEOUS > Archives > Bug Report 1.4.x
Reload this Page Running as CGI

Post Reply
 
Thread Tools
  #1  
Old 10-04-2005, 09:45 AM
filipp Offline
forum loafer
  
Join Date: Sep 2005
Location: Finland
Posts: 4
Running as CGI
At least the copy_folder.php addon assumes that pixelpost is NOT run as CGI (links to admin/index.php) Very many sites allow file upload ONLY through CGI however. admin/index.php is easy to fix, but one must do quite a bit of searching to find all references to admin/index.php
Maybe there should be configuration directive for this (that would point to the apropriate admin index file)?

Cheers,
-filipp
__________________
---
http://flip.endofinternet.org
Reply With Quote
  #2  
Old 10-04-2005, 08:30 PM
raminia's Avatar
raminia+ Offline
Team Pixelpost
  
Join Date: Jan 2005
Location: FL, US
Posts: 3,706
Send a message via Yahoo to raminia
I don't have any clue.
__________________
Photoblog: http://pblog.raminia.com Powered by Pixelpost 1.7
Reply With Quote
  #3  
Old 10-05-2005, 01:01 AM
blinking8s's Avatar
blinking8s+ Offline
über loafer
  
Join Date: Oct 2004
Location: Bowling Green, Ky
Posts: 3,428
Send a message via ICQ to blinking8s Send a message via AIM to blinking8s Send a message via MSN to blinking8s Send a message via Skype™ to blinking8s
cg whaaa? lol...many sites allow only uploa through cgi? im confused
__________________
i should say more clever stuff
Reply With Quote
  #4  
Old 10-05-2005, 06:23 AM
filipp Offline
forum loafer
  
Join Date: Sep 2005
Location: Finland
Posts: 4
Now You've got me all confused as well.
Running something as CGI essentially means the program runs with Your (who installed the script) security clearance. This allows for example, an upload directory be owned by you and to have "normal" permissions of 0755 instead of the world-writable (0777),which if You ask me is a pretty big security hole (for starters, anyone on the server can put stuff in those folders)
I guess the specifics vary from site to site, but as an example, on our school site (running Apache 2.0) all scripts that need to upload and/or process files have to:
1) Have their extensions changed to cgi
2) Have a interpreter declaration as the first line (like #! /usr/local/bin/php)
3) Have permissions 0700
__________________
---
http://flip.endofinternet.org
Reply With Quote
  #5  
Old 10-05-2005, 07:17 AM
raminia's Avatar
raminia+ Offline
Team Pixelpost
  
Join Date: Jan 2005
Location: FL, US
Posts: 3,706
Send a message via Yahoo to raminia
your photoblog is running right what did you modify to make it work on servers that run php as cgi?
__________________
Photoblog: http://pblog.raminia.com Powered by Pixelpost 1.7
Reply With Quote
  #6  
Old 10-05-2005, 12:32 PM
filipp Offline
forum loafer
  
Join Date: Sep 2005
Location: Finland
Posts: 4
Quote:
Originally Posted by raminia
your photoblog is running right what did you modify to make it work on servers that run php as cgi?
The public side works fine because it doesn't need write permissions on the server. On the admin side, I had to do the aformentioned modifications. Also all references to "index.php" in admin/index.cgi had to be changed to "index.cgi", I think the addons folder should also be gone thru. Hopefully this will come in handy for someone with a similar problem.
__________________
---
http://flip.endofinternet.org
Reply With Quote
  #7  
Old 10-06-2005, 09:01 AM
GeoS's Avatar
GeoS+ Offline
Team Pixelpost
  
Join Date: Apr 2005
Location: Warsaw, Poland
Posts: 3,613
Send a message via ICQ to GeoS Send a message via Skype™ to GeoS
First time I see that PHP in CGI mode needs rename file from xxx.php to xxx.cgi. You must have very unusual configuration of your server.
__________________
photoblog | portfolio | addons | Donate
Reply With Quote
Post Reply

« Previous Thread | Next Thread »

Thread Tools




All times are GMT. The time now is 03:06 AM.

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd. | Style Design: d3 designs