Re^2: Running perl script outside cgi-bin

Hi Corion - it did occur to me after I posted that this wasn't really a Perl question so thanks for your answer. I went on over to Apache and it would seem I could do everything I want and more using ScriptAlias and other directives. Only thing I would have to put them in .htaccess files which has performance issues (hopefully a concern some day). But that got me thinking, why not just create symbolic link to my script. That works nicely. Must learn more Unix.

Comment on Re^2: Running perl script outside cgi-bin

Replies are listed 'Best First'.
Re^3: Running perl script outside cgi-bin by Anonymous Monk on Feb 08, 2012 at 09:18 UTC
The only security problem really is: if the web server ever is misconfigured (to not execute scripts), people hitting the web server are shown your code. Since events.pl is in cgi-bin (not public_html, i.e. outside the document root), a misconfigured server would likely refuse to serve it. This is very much an issue in PHP, too, but nobody pays attention to it. You can mitigate this by putting the important parts of your code in libraries outside the document root. (I did gain access to one web site's code once because the administrator apparently had reinstalled the OS, set the web server running with the default configuration, and restored the old content before fixing the configuration.)	[reply]
Re^4: Running perl script outside cgi-bin by tangent (Parson) on Feb 08, 2012 at 13:44 UTC
Seeing my code would probably add an extra layer of security :-) There is only a few lines in the script to load up the necessary modules which reside outside the web root.	[reply]


No such thing as a small change
	PerlMonks