Introduction
  Installing
  Handling
  Virtual servers
  Modules
  Filesystems
  RXML tags
  Graphics
  Proxy
  Miscellaneous modules
  Security considerations
  Scripting
    Pike modules
    Pike scripts
    Pike tag
    CGI
    SSI
    FastCGI
    Servlets
  Databases
  LDAP
  FrontPage
  Upgrading
  Third party extensions
  Portability
  Reporting bugs
  Appendix
 
CGI

CGI scripts are the most common way of doing scripting, being supported by virtually every web server. They work by starting an external program for each request. The program can be a compiled program or a script written in something else, for example like perl or python.

The advantages of CGI scripts are that they can be used to run any kind of scripts written in any language, and that they are portable between different web servers. The disadvantages are that they are resource hungry, needing to start an external program for each request. CGI scripts are also one of the most common security hazards on the web. Most often because they were not written with security in mind.

In Challenger, CGI scripts are supported through the CGI executable support. The module can be configured to either run the CGI scripts as the user who has written them, or to run all CGI scripts as a user with low privileges.

It is possible to use CGI scripts together with RXML. Either by letting the output of the CGI script be parsed with the RXML parser or by executing the CGI scripts with the <cgi> tag.

Even if CGI scripts are run so they cannot hurt the server itself, they can often hurt the user who owns them. Most users do not understand how CGI scripts work, but will download and install them from the net, with no thought of security. It is often better to provide the functions the user's want as RXML tags. The user will understand RXML tags better, since they are like HTML tags, and the administrator will get better control over the server.

CGI executable support

Allow listing of cgi-bin directory
If set, the users can get a directory listing of the cgi-bin directory.

Allow symlinks
If set, allows symbolic links to binaries owned by the directory owner. Other symlinks are still disabled.

This option has an effect only if the Run user scripts as owner variable is set and is available only when the server is run as root. .

CGI-bin path
The module's location in the virtual filesystem. By default the module will also handle one or more extensions, from any filesystem.

CGI-script extensions
Extension of files to be handled as CGI scripts. The Handle *.cgi variable has to be set for this option to have any effect.

Handle *.cgi
This handles files ending with the extensions configured in the CGI-script extensions variable. If set, files with these extensions will be handled as CGI scripts, regardless from which filesystem they were fetched.

Limits
Priority
This option affects the nice value of the CGI processes. If it is set to a higher value CGI scripts might get more CPU than the actual web server, something which might not always be a good idea.

Log CGI errors to...
Where to log error messages from a CGI script, or rather any output the script writes to stderr. By default the error messages will be sent to the debug log file.

Parse RXML in CGI-scripts
If this option is set the output of the CGI script is sent through the RXML parser. The parsing will take place after the CGI script has finished processing, nothing will be sent to the user until the CGI script finishes. This option will not work if you have CGI scripts that does animations or other things that require them to send data over a long time to the user. It is however possible to enable two CGI executable support modules, one to handle scripts that are to be RXML parsed and another to handle normal CGI scripts.

This is option is only available if you have chosen to More options.

Provide the <cgi> tag
If set it will be possible to execute CGI scripts via the <cgi> tag.

Run scripts as
Which user to run the CGI scripts as. This will default to nobody if nothing is specified. This option is only available when Challenger is run as root.

Run user scripts as owner
If set, scripts in user home directories will be run as the user. This overrides the Run scripts as variable. This option is only available when the server is run as root.

Search path
The location of the CGI-bin directory in the read file system.

Set the supplementary group access list
If this option is set the script will be run with membership in all the users supplementary groups, i.e. the groups in the /etc/group file.

Treat non-executable files as ordinary files
If this flag is set, files that does not have the executable bit set will be treated as normal files and sent to the user. If the flag is not set attempts to get such files will result in an error message.