CGI Security Documentation

CGIWrap

User CGI Access

CGIWrap is a Unix CGI utility designed to help administrators and hosting environments run user-owned CGI scripts with stronger security controls and clearer execution boundaries. This documentation hub brings together the most important information for both end users and server administrators, including setup guidance, change history, installation details, security notes, and practical reference material.

Whether you are looking for quick CGI execution help, installation documentation, access control guidance, or historical information about CGIWrap features and security changes, this page serves as the main entry point into the CGIWrap section of Unixtools.

Security Notice

CGIWrap 4.1 Cross-Site Scripting Protection Update

CGIWrap 4.1 includes an update that protects against a cross-site scripting vulnerability in error page handling caused by how some browsers behave when a charset is not specified. CGIWrap now sets a default charset and also allows that charset to be overridden during the configure process.

General Information

These pages provide broader background on CGIWrap, including how it works, common questions, source code history, future development notes, expert-level isolation topics, and third-party commentary. Together they make up the core reference set for understanding CGIWrap beyond just installation.

Introduction Start with a general overview of CGIWrap, its purpose, and how it fits into Unix CGI execution. Frequently Asked Questions Troubleshooting help for common setup errors, debugging issues, PHP configuration, and execution problems. Source Code Change Log Review historical CGIWrap version changes, feature additions, security fixes, and compatibility updates. Stuff Still to Be Done See unfinished ideas, future improvements, and development notes related to CGIWrap. Chrooting - For Experts Only Advanced documentation for administrators considering chroot-based isolation with CGIWrap. Publications Mentioning CGIWrap Reference pages and mentions that help place CGIWrap in a broader technical context. Comments Read administrator impressions, feedback, and historical perspectives on CGIWrap in practice. Mailing List Archive (FindMail) Historical mailing list reference noted in the original CGIWrap documentation. SourceForge Project Page Project reference page noted in the original documentation set.

User CGI Execution

These pages are focused on the practical side of running user CGI scripts. They help users understand account-level setup requirements and provide a quick reference for common CGIWrap URL patterns.

Account Setup User-facing setup guidance for getting CGI execution working correctly under CGIWrap. Quick Reference to URLs Fast lookup guide for common CGIWrap URL patterns and execution paths.

Compilation, Installation, and Administration

This section is for people who are installing CGIWrap. It is intended for server administrators and people who have root access on web server machines, and it covers the parts of CGIWrap that matter most during system configuration, compilation, access control, and administration.

Installation and Configuration Build and configure CGIWrap correctly for your Unix server environment. Access Control Files (allow/deny) Understand allow and deny logic, file format, host checks, and virtual host control. Compilation Notes Technical notes and special considerations for building CGIWrap in different environments. Use of CGIWrap with AFS Guidance on running CGIWrap in AFS-based environments, including permissions and PAG handling. Tips and Tricks Extra administrative ideas and practical guidance for smoother CGIWrap deployment.