www.archive-org-2013.com » ORG » U » UCAM

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

    Archived pages: 1302 . Archive date: 2013-05.

  • Title: Student-Run Computing Facility (SRCF) - Welcome to the SRCF
    Descriptive info: .. srcf.. student-run computing facility.. For prospective members:.. Join.. |.. Terms of Service.. Services.. For existing members:.. Webmail.. Desktop.. Mailing lists.. List administration.. About the society:.. Committee.. Constitution.. Contact Addresses.. Minutes.. Frequently Asked Questions.. Societies.. System status.. Welcome to the SRCF.. The.. Student-Run Computing Facility.. (SRCF) exists as a university society to provide useful, flexible computing and network services for University of Cambridge Staff and Students of all degrees of ability.. Individuals can become SRCF Members using our.. Membership Application form.. and groups can.. apply for a 'society' account.. If you need to get in touch with us about anything, please see our.. contact addresses.. What you get.. Website hosting.. with a rich variety of features.. Email.. and.. mailing lists.. @srcf.. net.. or.. ucam.. org..  ...   want the SRCF to host as well.. And much much more see.. for more details.. all for.. free.. ?.. Yes :).. Signup.. for an account now!.. Scheduled vulnerable period.. To aid in security procedures, the SRCF has a.. potentially vulnerable period Sundays 2am to 3am.. During this time the sysadmins may reboot the server without much prior warning.. Donate to the SRCF.. The SRCF is funded largely by donations from its users, for which we are very grateful.. The usual methods of donation are by cheque or PayPal: find out.. how to donate.. Message of the day.. 09) 12.. 03.. 2013 The EAGM went ahead without any major catastrophe -- congratulations to the new committee! 10) 16.. 05.. 2013 Server reboots, midnight tonight:.. http://status.. srcf.. net/post/50605701113..

    Original link path: /
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Contact Addresses
    Descriptive info: SRCF Contact Addresses.. New Accounts.. Membership Application webform.. e.. g.. Please can I have an account?.. Please can I have an account for my society?.. Technical Assistance/Queries.. (which do not require admin intervention).. support@srcf.. How do I upload my webpages?.. Why doesn't my PHP script work?.. Requests for Sysadmin Action.. soc-srcf-admin@lists.. cam.. ac.. uk.. new  ...   requests to install new software.. General Enquiries.. committee@srcf.. donations.. becoming involved.. complaints.. Reporting a Security Issue.. hacked account.. XSS vulnerabilities.. SQL injection vulnerabilities.. Takedowns.. under copyright legislation.. under the Terrorism Act 2006.. SRCF Committee Members.. Chair.. chairman@srcf.. Secretary.. secretary@srcf.. Junior Treasurer.. treasurer@srcf.. Publicity.. publicity@srcf.. Senior Treasurer.. senior-treasurer@srcf.. Other Delegated Roles.. Webmaster.. webmaster@srcf.. Postmaster.. postmaster@srcf.. Abuse.. abuse@srcf..

    Original link path: /contact-addresses
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: Web Hosting.. Can I run CGI scripts?.. Yes, see.. here.. Can I use Server-Side Includes?.. Yes all files ending in.. shtml.. sxhtml.. are server-parsed by default.. Only these extensions will be supported for SSI functionality in future and new extensions cannot be specified in.. htaccess.. files.. Sorry :-).. See this.. tutorial.. for more information on server-side includes.. How can I access remote files from within PHP?.. On the SRCF system, we restrict the use of functions which call the PHP.. fopen().. directive to only access the local filesystem: this affects.. itself, as well as directives like.. include().. ,.. require_once().. and so on.. The reasoning is that some security incidents occurred where attackers were able to convince insecure scripts to include and execute a malicious PHP script from a remote location.. After such incidents, we decided that anyone who.. really.. wants to be able to perform operations on remote files via PHP should have to be fully aware that that's what they're doing.. If you definitely do want to run remote fopen commands then you need to place a file called.. php_override.. ini.. in the top level of your website containing the line.. allow_url_fopen = On.. Remember, PHP remote fopen is a security risk make sure you know what you're doing!.. Can I use Apache content-negotiation?.. Yes, content negotiation is enabled by default for all SRCF-served websites.. This enables you to automatically serve multi-lingual documents the server will automatically choose the most appropriate one for the viewer (provided you follow the instructions in Apache's.. content-negotiation tutorial.. ).. Perhaps more useful is that content negotiation allows you to drop the file extension when you make a hyperlink to a file:.. foo.. php.. can be linked to with an HTML link like.. a href="foo".. Linking like this is easier for visitors to remember and helps avoid link rot it's highly recommended.. Common gotchas: you have to be careful not to have a directory at the same level also called foo , though, and any PHP include statements need to use the full filename.. I have registered www.. foo.. com can I point it at my SRCF website?.. Yes - we can set up what is known as virtual hosting , which effectively means that each of the names which refer to our machine acts as a separate server, with separate configuration files, logs and all the rest.. This has a number of advantages over the simple redirection offered by many other people - for a start all file names work, so http://www.. com/bar/hello.. html is equivalent to http://spqr2.. user.. net/bar/hello.. html and so on.. Also you don't end up relying on a third party's machine to do the redirection as well as the web server itself.. To set up virtual hosting, you should find someone outside of the Cambridge University Data Network (CUDN) who is willing to host the DNS server for your domain (we are not allowed to do this for you) - this will normally be the same organisation with whom you registered the domain.. Once you have done this, instruct them to set up a CNAME record for your domain pointing to.. webserver.. societies.. and let us know so that we can configure the server appropriately.. Alternatively, a DNS A record referencing the IP address of the SRCF webserver (131.. 111.. 179.. 82) will work, but is slightly less robust to changes in our local setup CNAMEs are the preferred method.. Once you have done this.. contact the sysadmins.. : It is possible to have more than one domain (or subdomain) pointing at a single account, so that each name points to a different subdirectory within your public_html directory.. Please let us know which directories should map to which name when you ask us to  ...   URL of any page hosted on our server to make a secure connection.. For example,.. https://www.. net/.. connects securely to our front page.. If you would like to make a particular page.. only.. accessible over HTTPS, you should use the.. SSLRequireSSL.. directive in a.. file.. More information can be found in the.. Apache documentation.. Please note that technical limitations in the HTTPS protocol mean that it is not possible for us to offer secure connections to domains for which we provide virtual hosting.. However, it is still possible to make an HTTPS connection to these sites using the.. https:// socname.. form of the URL.. Can I protect my web page with a password?.. Yes - you can do this using a.. file in the directory that you would like to protect.. For more information, see the.. on the subject.. See also the next.. question.. Note:.. Apache basic authentication is insecure, if you are going to use it make sure you are also using ssl or your passwords will be sent in plain text across the internet.. It is also not possible to chmod apache password files as reccomended in the Apache documentation.. Digest.. Raven.. authentication is better.. Can I use the UCS Raven web authentication service on my website?.. Yes.. The SRCF has the.. mod_ucam_webauth.. module installed which makes it very easy to do basic authentication using.. Simply create a.. file in the directory you wish to protect that contains:.. AuthType Ucam-WebAuth Require valid-user.. Alternatively you may want to limit access to Raven authenticated users or those in the cam.. uk domain:.. Order allow,deny Allow from.. uk AuthType Ucam-WebAuth Require valid-user Satisfy any.. To create a "logout" link, add the following to your.. htaccess file:.. FilesMatch "logout" SetHandler AALogout /FilesMatch.. and then create a link using:.. a href="logout" Logout /a.. Read the full.. documentation.. for this module.. To use Raven via CGI or PHP you may install the Perl.. module.. or PHP.. class.. in your home or society file space.. Making centrally installed versions of these modules available is currently under consideration by the sysadmins.. How do I make non-English characters and symbols display correctly?.. To make this work, you need to ensure that the character encoding for your document is correctly specified.. For security reasons, our server is configured to automatically specify a character set, which by default will be ISO-8859-1.. This is suitable for English and most Western European languages.. It is possible that in the future we may change this to be UTF-8, so please bear this in mind when creating internationalised pages.. Note that specifying a character set in a.. meta.. tag will not work, as the server specified character set will take precedence.. Instead, to specify an alternative character set you must create a file called.. in your.. public_html.. directory containing the line:.. AddDefaultCharset character set.. The recommendation here is to use Unicode encoded as UTF-8.. This is the standard, and can represent almost all characters in use around the world (and many which aren't).. It is worth also noting that many symbols used in everyday English are not part of the ASCII character set - in particular, the GBP and Euro signs ( and ), and directional quotes (.. ) fall into this category, and need to be specified as HTML entities if you are not using UTF-8.. The answer to the previous question only works for HTML files: how do I do this in PHP?.. The best way of doing this in PHP is to use the following command:.. echo 'default_charset = "utf-8"' >> php_override.. Or to add that line to your.. One way to do this is to put the PHP command:.. header("Content-Type: text/html; charset=UTF-8");.. (or whatever character set you want to use) at the start of all your PHP scripts..

    Original link path: /faq/web-hosting
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: Email.. How do I read my SRCF email?.. There are four options:.. Forward it to some other address.. When your account is first set up it will be configured to forward mail to the address you gave us when you applied see the FAQ entry:.. How do I set up mail forwarding?.. for instructions on how to configure this.. Read your mail using an email client running on the server, for example.. mutt.. pine.. Read your mail via IMAP from a remote machine.. You should always connect using a secure connection (enable SSL or the equivalent in your email client's configuration), otherwise your connection may be blocked.. The incoming mail server name should be set to.. mail.. and the port should be set to 993.. Note that we do not run a POP3 server, as it is an older protocol and provides no additional functionality over IMAP.. Use our.. webmail.. service.. Can I use the SRCF machine as an outgoing (SMTP) mail server?.. No you should use hermes instead from within the university..  ...   should still be able to set your From: address to be your @srcf email address if you prefer.. Create a file called.. forward (note the leading full-stop) in your home directory containing the email address to which you would like your mail to be forwarded.. The SRCF offers a simple interactive tool to create this file for you.. Login to.. shell.. using.. Secure Shell.. and type:.. srcf-MailForward.. at the prompt, followed by return.. You will then be prompted to enter an e-mail address where you would like all your SRCF mail forwarded to.. Once this program has run, type exit to logout.. How do I set up mail filtering?.. We have the.. Exim.. mail transfer agent installed.. See.. the Exim filtering documentation.. My mailing list, soc-something@lists.. Whoa! Stop right there! That's the.. hermes.. mailing list system, not the.. SRCF.. one, and there's nothing we can do to help you.. Try going to.. lists.. instead.. If it's an SRCF mailing list, it will end in @srcf.. net or @srcf.. org, and then we can help you with it..

    Original link path: /faq/email
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: Other Services.. How do I get a Mailman mailing list set up?.. We need people to look after mailing lists, so they should be of the form listowner-listname@srcf.. net, where listowner is either a username (like spqr2) or a society name.. Signing up for a society account solely for the purpose of running a mailing list is absolutely fine go fill in the.. society application form.. , which lets you request mailing lists with your new account.. If you want a mailing list for yourself (spqr2-listname) or an existing society, just e-mail the.. Once the mailing list has been created, it can be managed through a.. web interface.. Members can also configure their subscription automatically by sending appropriate emails.. How do I find documentation?.. The program 'man' (short for manual) is your friend here.. For example, 'man emacs' will tell you about the emacs text editor.. You may also find the `info' command to be useful here many programs with man pages also have info entries.. The info system is navigated by pressing return when the cursor is over an active region and using `u' and `d' to move up and down through the hierarchy.. `q' is used to quit in both programs.. Another good source of documentation, often more detailed and/or user friendly than the man  ...   Ubuntu GNU/Linux and which won't place excessive load on our machine.. If there is something you would like to use then email.. sysadmins@srcf.. and we'll consider it.. Details of Ubuntu packages can be found.. Of course, if it is possible you are welcome to install things locally in your home directory.. Please don't run anything which will kill the machine though, otherwise we'll come after you with sticks.. Can you upgrade piece of software foo to version 2046?.. Unfortunately this isn't possible.. We use the Ubuntu distribution of GNU/Linux and installing non-Ubuntu packages is a considerable administrative burden.. When the next version of Ubuntu appears we'll be able to upgrade.. Do you run Firefox/Konqueror/Midori?.. Yes, use our.. Desktop service.. for this, it currently has Firefox, Konqueror and Midori installed.. On our shell server we have lynx, links and w3m (all of which are text-only browsers).. We can also.. install.. any other browser available in the Ubuntu repositories.. Can I run a server for my favourite online game?.. Yes, use our game server at userservers.. Please limit your server to 1GB of memory and set it to nice level 19 to avoid creating problems for other users.. If your server is run with Java, this can be accomplished by running (for example).. nice -n 19 java -Xms1024m -Xmx1024m -jar minecraft_server.. jar..

    Original link path: /faq/other-services
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: Managing Your Account.. How do I change my password?.. Log in to the SRCF server and issue the command.. yppasswd.. you will be prompted for your old password before being asked to give the new one twice.. Make sure that your choice of password is secure don't use dictionary words, names or anything else which can be associated easily with you (such as a phone number or car registration number), and please don't use simple substitutions (e.. using f15hcake instead of fishcake ) as these can be easily guessed.. The best passwords are collections of random letters and numbers, which you can remember by inventing a simple mnemonic.. The command.. apg.. can be used to suggest good passwords.. If you don't understand all of that, or have forgotten your old password so you can't log in, you can email.. and we'll give you a new random password.. Can I tell my friend my password so that he can help maintain my website?.. You are the only person authorised to use your password.. If we find any evidence that it is being used by someone else then your account will be suspended indefinitely and without notice.. If you would like to run a website which is maintained by several people then you should apply for a group account.. If you suspect that someone else knows your password, please change your password immediately and notify.. What is SSH and why should I use it?.. SSH is a remote login protocol similar to telnet, but which uses encryption to prevent eavesdropping.. If you use telnet to log into any machine, it is trivial for a cracker to obtain your password from any machine on any of the networks between you and the remote machine - with SSH this is not the case.. We would very strongly advise you to use SSH to connect to our systems (as well as any other systems such as hermes or cus) - see.. http://www.. net/utilities/ssh/.. for further details.. What's your view on world writable files?.. World writable files are files that anybody on the system can write to (edit).. Whilst in general you can trust other SRCF users not to modify your files, there are several reasons why world-writable files are a problem:.. People make mistakes.. For instance, if you have a world-writable directory, and somebody runs "rm -r /" by mistake (this has happened at least once) then all the files in that directory will be deleted.. Users' accounts may have been compromised.. We have had one incident where a worm entered the computer via an insecure society website and proceeded to overwrite every world-writable file on the computer.. World writable files make things easier for attackers.. If for instance a directory underneath your public_html directory is world-writable then an attacker able to write files on the system could place a script there containing commands that he could execute as you.. To avoid problems like this we recommend that you avoid creating world-writable files and directories, and if you have created them then you change them to be non-world-writable.. You can do this using the "chmod" command - "chmod o-w filename" will remove world-writable permissions from a file and "chmod -R o-w ~" will do the same for all world-writable files in your home directory.. Some cgi scripts will tell you that they need to have world-writable files /  ...   software may be affected.. Please take into account the following when installing software of your own:.. If there is a suitable piece of software in the stable Ubuntu release then ask us to install it centrally rather than installing your own copy.. Centrally installed software gets upgraded automatically when security patches are released.. You can search for Ubuntu packages at.. http://packages.. ubuntu.. com/.. Use existing software rather than writing your own, especially if there is an existing piece of software which is popular and has a strong community of users.. Make sure you install security patches.. as soon as they are released.. Google makes it very easy for attackers to find their targets once a vulnerability is known.. Subscribe to the announcement mailing list associated with the software you install, so that you find out quickly about any security issues.. If you do suspect that an attacker has obtained access to your account, please let us know immediately so that we can make sure that they haven't made changes to the system.. Remember, if an attacker successfully gains access, it may result in several days of downtime not just for your website, but for everyone who uses the machine.. What happens to my account when I graduate?.. You continue to be a member of the SRCF for life, however, once you graduate we are no longer allowed to offer you shell or file transfer access to our equipment.. Your.. email address will still work, being forwarded to an address of your choosing and we can also set up a permanent redirection for your website if you wish.. Contact the.. if you want either of these services set up.. What is the full path to my filespace?.. Personal filespaces are kept in the.. /home/.. directory, for example.. /home/abc45/.. Society filespaces are in.. /societies/.. , for example.. /societies/foosoc/.. However, although we try to minimise the number of changes to the filesystem, we cannot guarantee that this will continue to be the case.. We therefore recommend that you avoid using absolute paths wherever possible, such as by using relative paths instead.. If this is not possible, we recommend that you make it easy for you to change the location of your files, e.. by setting things up so that file locations can be specified in configuration files.. How do I find out how much of my quota I have used?.. Simply log in and use the command:.. quota -gsQ.. Note that the.. -g.. is required as our disk usage quotas are managed on a per-group rather than per-user basis, with each user having their own group.. I've run out of quota Can I get it increased?.. Our initial quota of 500MB is deliberately set relatively low to reduce the risk of users accidentally filling the disk (this is surprisingly easy to do, for example with log files).. If you would like more and have good reason then just ask the.. and we'll increase it for you.. Note that while disk space is cheap, we need to supply it four times over (as we use RAID and need to keep backups).. More disk space also tends to mean more bandwidth, and other problems associated with running a larger server, so please be considerate in your disk usage.. If you need a lot more resources we may ask you to consider making a.. donation.. towards the costs of running the server..

    Original link path: /faq/managing-account
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Desktop
    Descriptive info: SRCF Desktop Service.. The SRCF is now operating a remote Linux desktop service.. This allows anyone with a SRCF account (.. sign up.. if you don't have one yet!) to obtain a graphical Linux environment from any computer on the internet.. Your desktop session can follow you wherever you go (suspend it on one computer, resume it on another and your applications are still running as you left them).. It can be used from any computer running Windows, Mac OS X, Linux or Solaris.. It will work over almost any internet connection, slow or fast.. The service offers a modern, user-friendly desktop environment that should be easy for Windows users to get used to (we offer.. KDE.. GNOME.. XFCE.. , the three most popular Linux  ...   manually install client software!.. Connect to your SRCF GNOME Classic desktop.. (log in using your SRCF username and password).. Alternatively you may instead wish to.. connect to your SRCF Unity desktop.. connect to your SRCF KDE desktop.. connect to your SRCF XFCE desktop.. Advanced users who want a different window manager can implement their own X session: create a script called.. xsession.. and then.. connect to your SRCF advanced X desktop.. but if you don't know whether you want to do this, you don't.. The web client requires your browser to support Java, and is optimised for an average home internet connection (ADSL).. If you would like more control over the connection, or the web client doesn't work for you, please use.. the standalone client..

    Original link path: /desktop
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: Obtaining an Account.. How do I get a personal account with the SRCF?.. You should visit the.. and fill in your details.. Can I host a web site for a University Society or other non-profit organisation which is connected to the University?.. Society Account Application webform.. Please note that anyone who needs to access the shared account must also have a personal account with the SRCF.. Before you apply for your shared account, please make sure that there is not already an account set up for your organisation (a.. list of all societies hosted.. is available to help with this).. Sometimes accounts get created and forgotten about as people involved with the organisation move on.. It is simpler for us to just add new administrators to an existing account  ...   I need hosting for a commercial website can I use the SRCF?.. Our server is connected to the Internet via the Cambridge University Data Network (CUDN), and as such all users of the SRCF are bound by its rules, which explicitly forbids any use of the CUDN for commercial or for-profit activities, and therefore it is not possible for commercial websites to be hosted on our machine.. For more details, please refer to the CUDN Rules at.. admin.. uk/committee/isss/rules/rules.. html.. Furthermore, the SRCF server is maintained by a group of volunteer sysadmins who donate their time freely to ensure that our services can continue to operate smoothly.. We do not feel that it is appropriate to ask that the sysadmins give up their time in this way so that others can make money..

    Original link path: /faq/obtaining-account
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - What the SRCF provides
    Descriptive info: Important notes.. We offer the same services to both users and societies.. The term society is a misnomer.. What we call society accounts are simply any form of shared non-personal account.. They do not have to represent a College/University society, this is merely how they are commonly used.. What the SRCF provides.. Website hosting with support for PHP, CGI, Perl, Python, Ruby, server-side includes,.. , Raven authentication, SSL, virtual domain hosting and more.. For users, a website address of the form:.. http://[CRSid].. For societies, a website address of the form:.. http://[societyname].. Email.. For users, an email address of the form:.. [CRSid]@srcf.. as well as:.. [CRSid]-anything@srcf.. For societies, an email address of the form:.. [societyname]@srcf.. [societyname]-anything@srcf.. Mailman mailing lists with web-based administration.. 1000MB of file or webspace (and more if required).. SSH and SCP/SFTP access to your filespace.. An.. Ajax terminal.. so you can get a terminal from anywhere with web browsing.. Lifelong email and website forwarding when you graduate.. Friendly and helpful sysadmins.. MySQL available on request.. A PostgreSQL database on request.. Remote access to a Linux box so you can experiment to your heart's content.. IRC server.. irc.. with a.. if you want to ask a question in instant messaging this is the place to go.. New:.. a.. Gopher.. server.. LAN parties.. of the above for any society you want the SRCF to host as well.. How  ...   for it) and a list of administrators, all of whom will need to be SRCF members.. It's better to have more than one administrator to help provide continutity when people graduate, but administrators can be added or removed at any time by emailing the sysadmins.. Web and email provision.. You can have your existing.. www.. yoursoc.. com.. hostname (or whatever) pointed at the SRCF webhosting facilities in almost all cases, or have a pretty transparent redirection instated.. The SRCF sysadmins can help advise on this.. You get.. http:// socname.. (or whatever your abbreviation turns out to be) in any case.. The webspace can be managed by a group of administrators, and is capable of running CGI scripts (for handling things like online signup forms for events).. The policies governing the use of CGI programs is liberal (in comparison with most other webservers in the University and the internet industry at large).. The guiding motivation behind most SRCF system administration policies is to provide as much flexibility to users as possible, within the constraints of security, manageability and affordability.. These policies can often be amended quickly to accommodate the unforeseen needs of individuals and groups trying to do something novel.. Requests for additional services.. If you feel that there is a service or application that is not provided at the moment, please feel free to request it from the sysadmins..

    Original link path: /services/
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - Frequently Asked Questions
    Descriptive info: Frequently Asked Questions: CGI and PHP scripts.. Can I run CGI scripts? Can I use PHP?.. Yes! What's more, as of 28th September 2002 we have a brilliant new system in operation which allows even your PHP scripts to run as 'you' rather than as the webserver.. Read on for details.. Where do I need to put my CGI/PHP files?.. For.. individual users.. , PHP scripts must have a filename ending with ".. php" and can be placed anywhere in your public_html directory.. CGI scripts must have filenames ending ".. cgi" and can also go anywhere in public_html.. societies.. , both of the above methods also work, however there is an additional method of running CGI scripts which is to place them in the cgi-bin directory in your society user area (i.. e.. not in public_html).. If you do this, the script names do not need to end ".. cgi".. The URL to access CGI scripts in the cgi-bin directory is.. http://SOCNAME.. net/cgi-bin.. , where SOCNAME is your society's name on the SRCF.. What unix user do scripts execute as?.. , both PHP and CGI scripts will run as you, not as the web server's user id.. , rather than running CGI/PHP scripts as an individual, we have introduced a unix user for each society.. This user cannot log in, however it is used as the user under which all society PHP/CGI scripts are run.. Outgoing email generated by society CGI/PHP scripts will, by default, appear to come from [socname]-webmaster@srcf.. Society email addresses.. Note that any CGI/PHP script which hogs the CPU for more than 2 minutes will be terminated by the system.. This should not affect anything other than out-of-control scripts, as CGI/PHP scripts typically execute in a few seconds.. It is a measure to prevent the server being excessively slowed down by buggy scripts which go into an infinite loop.. What permissions and ownerships do scripts need to have?.. For individual users, CGI scripts must be readable and executable by you, and must be owned by you.. PHP scripts must be world-readable (to keep database passwords secret, see the next question).. For example:.. pip$ ls -l -rwx------ 1 saw27 saw27 238 May 5 19:33 env.. cgi -rw-r--r-- 1 saw27 saw27 265 May 13 19:34 phptest.. php.. Society CGI scripts and PHP scripts must have its group owner set to the society.. CGI scripts must be group readable and executable.. Society PHP scripts must additionally be world readable (to keep database passwords secret, see the next question).. pip$ ls -l -rwxrwx--- 1 saw27 casi 238 May 7 23:49 env.. cgi -rw-rw-r-- 1 saw27 casi 265 May 14 23:06 phptest.. We recommend that you ensure that society files are group-writable, so that other admins of the society can edit them (not least, when your own account expires).. How do I keep database passwords used in PHP scripts secret from other users?.. PHP scripts must be world-readable.. This requirement is artificially imposed because we felt that if we didn't require world readability, users might be caught out by assuming that if something (other than a CGI script) is not world readable then it's not accessible on the web, which wouldn't be the case for PHP scripts.. But it's easy to get round: put your secret information in a separate file which is not world readable (but is group readable), and include that file from your main PHP script.. Where do errors (STDERR) from my CGI scripts end up?.. They are  ...   the specified location, rather than in /tmp which is shared between all users.. For example, the society socname might create a directory /societies/socname/tmp with the shell command.. mkdir /societies/socname/tmp.. and then put.. save_path','/societies/socname/tmp');.. and.. at the start of all its PHP scripts.. How do I send custom HTTP headers using PHP?.. This question is often phrased as:.. I receive the "Internal Server Error" message (in the browser), and the following in the server log (/var/log/apache2/error.. log):.. [Thu Apr 15 13:35:51 2004] [error] [client XX.. XX.. XX] malformed header from script.. Bad header=HTTP/1.. 1 301 Moved Permanently: /usr/lib/cgi-bin/srcf-php-handler.. The chances are that the php code you are using has not been designed to work with our version of PHP in "CGI mode" (which is how we do it on the SRCF), only when PHP is running as an Apache module.. In detail.. the problem comes when your script effectively does:.. header("HTTP/1.. 1 301 Moved Permanently");.. (e.. in line 240 of OutputPage.. php).. This is a raw HTTP header.. When PHP-running-as-an-Apache-module sees this function call with an argument starting "HTTP", it knows that it doesn't need to add it's own "HTTP" header as it usually would, and sends it on to the browser.. But when invoking any CGI process (including PHP-running-as-a-CGI-program), Apache *always* adds the "HTTP" line itself, and it is simply not part of the CGI specification for the CGI script to do that, unless the CGI script is invoked in "non-parsed header" mode (in which case the CGI script *must* provide the HTTP line itself).. For regular CGI scripts, NPH mode is triggered if the script's filename starts "nph-"; this isn't relevant for PHP though.. The PHP documentation for.. header().. at goes a little way to flagging this problem.. When talking about using header("HTTP.. "): it says "Note: In PHP 3, this only works when PHP is compiled as an Apache module.. " Further investigation has revealed that, although it does work in later versions of PHP 4, it also fails to work in the version of PHP 4 which the SRCF currently uses at the time of writing (May 2004).. Therefore, the PHP script you're using won't work in CGI mode with the SRCF's version of PHP.. All is not lost, though, since you can achieve exactly the same effect with:.. header("Status: 301 Moved Permanantly");.. The Status header is actually one of a few special cases (as defined in the CGI spec) which is not passed on to the browser directly but is used by the web server to generate a suitable HTTP line.. So the effect to the browser is identical to header("HTTP/1.. 1 301 Moved Permanantly").. At the end of the day, then, you should be able to fix this and retain full functionality by changing all instances of "HTTP/1.. 1" in your PHP code to "Status:".. How do I turn CGI off so that people can download the file?.. Several kinds of file will automatically be interpreted as CGI scripts, and so the CGI handler will try to run them when you visit their URL, even if you just wanted to download them.. The following will turn off CGI handling for python scripts, displaying them as plain text instead:.. AddHandler default-handler.. py AddType text/plain.. py.. Put those lines in a.. htaccess file in the same directory as your python files, and they will no longer be considered CGI scripts.. You can do a similar thing for other file types by changing the.. py.. to, for example,..

    Original link path: /faq/cgi.html
    Open archive

  • Title: Student-Run Computing Facility (SRCF) - SSH clients
    Descriptive info: Quick links: [.. Windows SSH PuTTY package.. SRCF Java SSH client webpage.. SRCF ajax terminal.. ].. Introduction.. Interactive access to the SRCF machine is normally done over a series of networks (e.. , a College network, the University's network, then CUSU's network, where the server resides).. It is possible to intercept data travelling over a network and examine it or tamper with it.. There is a small risk that someone could intercept data users send to the SRCF server, and if that data includes a user's password, then the "attacker" can gain access to the SRCF machine, appearing to be that user -- the typical case is where the "attacker" breaks into a machine connected to a network, and uses it to listen to the network so as to intercept passwords, then uses these passwords for further breakins.. The SRCF wishes to minimise this risk for its users.. Network interception of passwords and other potentially confidential data can be rendered infeasible by the use of encryption.. Some access software which is used to connect to the SRCF will encrypt data sent over the network.. The SRCF encourages all users to choose such software over non-encrypting alternatives.. Encrypting ("secure")..  ...   clients for many platforms.. If you are running a Windows system, it's probably easiest to download the preconfigured set from here.. Getting the software.. Windows.. Windows users may use PuTTY to access the SRCF service.. Official version of PuTTY.. Information about how to upload your webpages without exposing your password to potential attackers can be found in our.. FAQ.. Linux / UNIX.. Most Linux and UNIX systems have ssh installed on them.. Ask your local sysadmin if just typing `.. ssh yourusername@shell.. ' doesn't do the right thing.. UCS Unix Support's SSH CD.. MacOS.. is a nice SFTP client for MacOS X.. Java.. Particularly useful in cybercafes where new software is difficult or infeasible to install, MindTerm is a small programme which a web browser may download.. It is a Java applet, and as such runs inside the browser, with permission to connect back to the webserver over the network.. Luckily, the SRCF webserver and the SRCF interactive login service are both currently hosted on the same machine.. This is in the process of being resolved -- we ideally want role addresses, so "ssh www.. net" should be wrong, and we want "ssh shell.. net".. SRCF MindTerm page..

    Original link path: /utilities/ssh/
    Open archive


  • Archived pages: 1302