Since a CGI script (or program) is executable, it is basically the equivalent of letting the world run a script on service system, which isn't the safest thing to do. Therefore, there are some security precautions that need to be implemented when it comes to using CGI script. Probably the one that will affect the typical Web user the most is the fact that CGI script need to reside in a special directory, so that the Web server knows to execute the program rather than just display it to the browser. This directory is usually under direct control of the webmaster, prohibiting the average user from creating CGI script. There are other ways to allow access to CGI scripts, but it is up to your webmaster to set these up for you. At this point, you may want to contact them about the feasibility of allowing CGI access.
If you have a version of the HTTPd server distribution, you will see a directory called /cgi-bin. This is the special directory mentioned above where all of your CGI programs currently reside.
In the KSI and the rest of Support who run the HTTP server. When you ask Support to give you a Web page and a CGI directory they tell the HTTP server where to look for your Web files. For example, if your username is sam then your Web pages can be put in directory ~sam/WWW and your CGI scripts in directory ~sam/WWW/cgi-bin. When Support are told this they make sure that when someone sends URL
http://jupiter.ksi.edu/sam/filename
then the file
~sam/WWW/filename is sent back.
And when they send the URL
http://jupiter.ksi.edu/sam-cgi/filename
then the file
~sam/WWW/cgi-bin/filename is executed.
In all cases you have to set the permissions of the files and directories so that everyone can read them. You also have to set the permissions of all the directories and the CGI scripts so that they are executable by everyone. We will talk about CGI script permission setting later.
A CGI script can be written in any language that allows it to be executed on the system, such as:
It just depends what you have available on your system. If you use a programming language like C or Fortran, you know that you must compile the program before it will run. If you look in the /cgi-src directory that came with the server distribution, you will find the source code for some of the CGI programs in the /cgi-bin directory. If, however, you use one of the scripting languages instead, such as PERL, TCL, or a Unix shell, the script itself only needs to reside in the /cgi-bin directory, since there is no associated source code. Many people prefer to write CGI scripts instead of programs, since they are easier to debug, modify, and maintain than a typical compiled program.
CGI scripts can generate and send back anything: sound, pictures, HTML documents, and so on.