www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amjad Ashraf <asash...@undergrad.math.uwaterloo.ca>
Subject mod_cgi/4575: apache says 'access denied. you do not have permession to access ~user/cgi-bin scripts'
Date Sun, 13 Jun 1999 02:14:59 GMT

>Number:         4575
>Category:       mod_cgi
>Synopsis:       apache says 'access denied. you do not have permession to access ~user/cgi-bin
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sat Jun 12 19:20:00 PDT 1999
>Originator:     asashraf@undergrad.math.uwaterloo.ca
>Release:        1.3.6
OS:HP-UX 10.20 B
I followed the FAQ and other documentation as best I could but I don't know what's wrong.
Here's how I've specified access to ~user/public_html directories (I mostly modified
the default httpd.conf file):
<Directory /*/public_html>
    AllowOverride None
    Options All
    Order allow,deny
    Allow from all 

Now documentation for <Directory> says:
<Directory> and </Directory> are used to enclose a group of directives which will
apply only to the named directory
AND sub-directories(!!!) of that directory. Any directive which is allowed in a directory
context may be used. Directory is
either the full path to a directory, or a wild-card string. In a wild-card string, `?' matches
any single character, and `*'
matches any sequences of characters.

I have the cgi-bin directory as subdirectory of public_html and this should mean that
it has ExecCGI option inherited from above public_html <Directory> specification
(Option All).
I get error 403 and adm/error_log says:
Options ExecCGI is off in this directory: /home/amjad/public_html/cgi-bin/test-cgi.cgi

(I also have uncommented AddHandler cgi-script .cgi so that part should be ok).  Anyways,
I fixed the problem by adding:
<Directory /home/*/public_html/cgi-bin> (btw reg expr = /*/public_html/cgi-bin wouldn't
work. Although it's still the correct
   AllowOverride None                   reg expr as far as documentation suggests to me.
 It works for public_html
    Options All                          why not for this).
   Order allow,deny
    Allow from all
    <Limit GET POST>
        Order allow,deny
        Allow from all
Seems to me I shouldn't have had to add this though.  Also, I originally left out <Limit>
directive and I was POSTing, but server thought I was GETting.

Anyways, sorry if I sound entirely incoherent.  Very frustrated...


[In order for any reply to be added to the PR database, you need]
[to include <apbugs@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]

View raw message