cgiwrap - CGI Wrapper for HTTPd WWW Server

Synopsis

    http://server:port/cgi-bin/cgiwrap?user=USERID&script=SCRIPTNAME
    http://server:port/cgi-bin/cgiwrap/USERID/SCRIPTNAME
    http://server:port/cgi-bin/cgiwrap/~USERID/SCRIPTNAME

Description>

CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail.

Cgiwrap is used via a URL in an HTML document. As distributed, cgiwrap is configured to run user scripts which are located in the ~/public_html/cgi-bin/ directory.

server:port
The server that the script is located on. Port is optional.
cgi-bin
The common cgi directory on the http server.
USERID
The userid of the user who owns the script that is to be run.
SCRIPTNAME
The actual filename of the script that is to be run.

Instructions

Create the directory ~/public_html/cgi-bin

Install scripts in that directory, and make them owned and executable by you.

Example

For this example, the script is "email.pl". The user id is "joeminer".
Create directory cgi-bin 
mkdir ~/public_html/cgi-bin
Copy script into the cgi-bin directory 
cp .../email.pl ~/public_html/cgi-bin
Make it executable 
 chmod 755 ~/public_html/cgi-bin/email.pl
The script is executed using the following URL: 
      http://rcswww.ww.urz.tu-dresden.de/cgi-bin/cgiwrap/joeminer/email.pl

Notes

When using cgiwrap with AFS based accounts, you need to keep in mind that scripts are run un-authenticated. This means that any files that are accessed in AFS directories are accessed as "system:anyuser". This is important when considering how your script will return data to you. Currently, the easiest way to return data to the user is to email the results of the script. Obviously, this only applies to scripts that are supposed to be used for submitting data - scripts that simply return information to the web client are not affected by this.

Cgiwrap can be used with forms, but it is suggested that you use the "POST" method. If you use the get method, you will need to add two hidden fields to your form containing the user and script name. "GET" types requests are discouraged in any case due to the limited amount of data that can be passed to the script.

I suggest installnig 4 copies of cgiwrap into the servers cgi-bin directory. (cgiwrap, cgiwrapd, nph-cgiwrap, nph-cgiwrapd) This will allow your users to run almost any kind of script. The two ending in "d" will display debugging output, which is a great aid when writing CGI scripts, as you usually can't see the output of your script if it screws up.

Files

HTTPD/cgi-bin/cgiwrap ~USERID/public_html/cgi-bin/SCRIPTNAME

Author

Nathan Neulinger (nneul@umr.edu) Mosaic, lynx

See also

http://sunsite.unc.edu/boutell/faq/www_faq.html http://hoohoo.ncsa.uiuc.edu http://www.ncsa.uiuc.edu/General/Internet/WWW/HTMLPrimer.html http://www.ncsa.uiuc.edu/General/Internet/WWW/HTMLQuickRef.html
Hacked from Man-Page Olaf Großmann, 20. Juni 1996