My cgi script can't write to cgi-bin folder of Apache

Yinan picture Yinan · Oct 28, 2009 · Viewed 9.7k times · Source

I m working on a python version cgi script which needs to create img files (which will be shown on the web page) in cgi-bin folder.

But it fails with: [Wed Oct 28 16:13:51 2009] [error] [client ::1] OSError: [Errno 13] Permission denied: 'average/'

[Note] 'average/' is the folder that the cgi script is going to create first for saving those img files.

I tried giving a+x permission to the cgi script, but it failed still. This happens on both Win and Mac.

Btw, I m working with the default Apache configurations. I didn't change anything after the installation of Apache.

Answer

bobince picture bobince · Oct 28, 2009

You would have to give the web server user write permission to the cgi-bin folder. Usually the web server user is something like nobody and not in the same group as the owner of the folder, so that means making cgi-bin world-writable: Note: This is a really bad idea.

chmod a+rwx cgi-bin

(or, on Windows setting permissions on cgi-bin to give Everyone ‘Full Control’.)

Now any user on your server, or any script that doesn't check its filenames properly, might create a file in the cgi-bin, where it will be interpreted by Apache as a CGI script and executed. This is a good way to get your server owned.

Run-time-written files should go in a separate ‘data’ folder, outside the cgi-bin (and preferably outside the web root, bound with an Alias), with Apache set to disallow any kind of script or htaccess from that folder. You can then set ‘data’ 777, or, possibly better, have it owned by the web server user instead.