[osgeo4w-dev] /cgi-bin aliased to /bin - are we exposing too much?
Frank Warmerdam
warmerdam at pobox.com
Thu Mar 20 19:00:00 EDT 2008
Folks,
Currently OSGeo4W's apache and mapserver are packaged such that /cgi-bin
is aliased to C:\OSGeo4W\bin which means that all .exe and dll files are
exposed through the web server. I'm somewhat concerned that this is not
a very safe arrangement. Why expose stuff like gdalinfo.exe by default
for instance?
On the other hand, I don't want to duplicate stuff like libmap.dll
in a cgi-bin directory and the main /bin directory if I can avoid it.
I'm not very savvy about Apache configuration, but I guess my question whether
there is a way of handling this gracefully?
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
More information about the osgeo4w-dev
mailing list