[Zope] hard-coded pcgi

Wed, 03 Feb 1999 12:18:04 -0500

At 09:44 AM 2/3/99 -0500, Kevin Dangoor wrote:
>
>Unless there's something I've missed, I think this is the most secure way
>for one to run Zope in a shared hosting environment...

Only if your shared hosting environment doesn't give every domain its own
Unix user ID and executes CGI's under that ID...  :)

In any case, it's not pcgi-wrapper that really needs to be setuid, it's
Zope itself.  So you need to either be on a platform that supports setuid
scripts, or write a C wrapper that wraps the server-side Zope, not the PCGI
client.