From SonicWiki
Jump to: navigation, search

Scripts hosted in web directories will run using the parent account's file permissions by default. Some scripts and applications installed in the past have been installed using CGIWrap, a mechanism by which webmasters could specify that a given executable was to be run as the parent account rather than as the default Apache user.

These legacy installations will be located in a special directory (/usr/local/lib/httpd/cgi-bin/username/) and could be accessed through two separate URIs: /cgi/username/ or /cgi-bin/username/.

Note: a click on the "hypothetical" examples above will show the hypothetical permissions with which "id.cgi" would run.)

Since August 2009, the above example URIs both yield the same results. There is currently no available mechanism to force a script to run as the default Apache user on the shared web cluster.