Authorization of custom CGIs
Opher Shachar
ophers at ladpc.co.il
Wed Dec 20 14:35:06 PST 2006
Hello all,
I've written a custom CGI and marked it as a protected resource in cupsd.conf:
<Location /ojobs.cgi>
AuthType Basic
Require user @SYSTEM
# Allow remote administration...
Order allow,deny
Allow @LOCAL
</Location>
When accessing the CGI I'm asked to authenticate BUT then any (authenticated) user - not just root - gets access.
Is it the CGI's responsibility to check for authorization?
If so need the CGI parse the cupsd.conf file, or is there a simpler way?
Thanks,
Opher Shachar.
More information about the cups
mailing list