From owner-freebsd-isp Tue Jul 18 4:31:19 2000 Delivered-To: freebsd-isp@freebsd.org Received: from alpha.root-servers.ch (alpha.root-servers.ch [195.49.62.125]) by hub.freebsd.org (Postfix) with SMTP id F292137B5C8 for ; Tue, 18 Jul 2000 04:31:11 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 29394 invoked from network); 18 Jul 2000 11:31:01 -0000 Received: from client98-229.hispeed.ch (HELO 10.2.2.100) (62.2.98.229) by ns1.root-servers.ch with SMTP; 18 Jul 2000 11:31:01 -0000 Date: Tue, 18 Jul 2000 13:31:55 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.44) UNREG / CD5BF9353B3B7091 Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <18810445910.20000718133155@buz.ch> To: freebsd-isp@freebsd.org Subject: Secure CGI execution Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, we're are trying to get the CGI scripts of our users in some kind of sandbox (mainly a chroot or jail environment). During that effort, I found the sbox cgi-wrapper (http://stein.cshl.org/WWW/software/sbox) which would basically do what we need (suid to the owner of the script and then a chroot to limit the script to the users homedirs). However, while the wrapper compiles without any problems and can be executed as regular CGI script (which then return an error that one should specify a real CGI script to execute) we can't get it to execute any CGI scripts. If I try to open url/cgi-bin/sbox/test.cgi, Apache states the well known "Premature End of Scriptheader" message. If I open usr/test.cgi, everything works as expected... Has anyone got a working installation of sbox or a similar application under FreeBSD 4? Making the whole thing transparent to the users will be a totally different cup of coffee. I think this is best done with some mod_rewrite magics. Best regards, Gabriel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message