CGI? #5
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
I was gonna ask if molly-brown supported CGI, but then I looked at the commits, and seems like it either does or you're working on it. I'm definitely happy to see this since I've been waiting for CGI support in molly-brown :)
Having this in the readme would be useful though, I think.
It certainly does, and you are absolutely right about the README, which is definitely lagging behind these days, sorry! As a quick start:
Hope this helps!
I'm so glad I looked at this issue! This likely explains my issues with running cgi on RTC. cmccabe has likely not set up regex to allow for cgi on the server. I'll see if he'll regex me in :)
Unfortunately having to restrict CGI execution to explicitly trusted paths is necessary because until Go gets a functioning setuid() functionality, the CGI processes will run as the same user as Molly does, meaning they necessarily have access to TLS keys, log files, and other things which need to be secured. This sucks in a pubnix environment!
SCGI allows the dynamic process to be started by something other than Molly, so it can be made safe (you can run them as
nobody
and even chroot them somewhere safe), but it's more of a chore to setup.I'm going to close this, because SGI is now much better documented in the README. If you have trouble getting it to work, feel free to open more specific issues. Same if you think the documentation is lacking in some ways.