Note: CGIWrap seems not to be installed on many web sites, like it was in the past. We are leaving this document available for reference purposes, but it is no longer being maintained.

To reduce security risks with CGI scripts, many internet service providers and webmasters have installed a "script wrapper" that causes CGI scripts to run under the owner's UID instead of the web server's UID. A script owned by a user can do only those things that the user would be able to do.

One popular such program is the CGIWrap program. Discus can be used with the CGIWrap program (Discus has been verified to work properly with CGIWrap 3.5) by making a few simple adjustments to our instructions as you set up the board. More information about the internal workings of CGIWrap can be found on the CGIWrap home page.

Note that these are instructions telling you how to set up Discus if CGIWrap is currently installed. We do not document or support how to set up CGIWrap on your server -- it is assumed that your ISP or webmaster has already set up the program; otherwise, you don't need to read this document!

CGIWrap works as follows: a URL such as http://www.isp.com/cgi-bin/cgiwrap/smith/script.cgi refers to the script file stored in /home/smith/public_html/cgi-bin/script.cgi. Although configuration of the program will vary from machine to machine, the general idea is the same. Consult your ISP's documentation to see exactly how CGIWrap is installed on your server.

You will need to set up Discus using either the default (telnet) installation or the FTP installation. The instructions for each are similar. For the remainder of this tutorial, it is assumed that your CGI scripts must go in the directory /home/smith/public_html/cgi-bin; please adjust the instructions accordingly.

Consult the installation guide for specific instructions -- the following are tips to help when following those instructions.

• When you are asked which directory you want to put the CGI script into, you must enter (for example) /home/smith/public_html/cgi-bin instead of the default /home/smith/public_html.

• When accessing the board-setup.cgi/dconfig.cgi script, you will need to enter the appropriate URL through CGIWrap. Normally this is something like: http://www.isp.com/cgi-bin/cgiwrap/smith/board-setup.cgi.

• Note that the HTML URL does NOT go through CGIWrap. This is a normal URL, such as http://www.isp.com/~smith/discus. Since these files are regular HTML files, and not scripts, they should NEVER be run through CGIWrap.

• Note that directories (Administration Directory, HTML Directory, Script Directory) do NOT go through CGIWrap. These are normal directories, not URLs, on your server. Normal directories should NEVER be run through CGIWrap.

• Your Script URL is the only specified variable that needs to go involve CGIWrap. If your Script Directory is /home/smith/public_html/cgi-bin/discus, then your Script URL might be http://www.isp.com/cgi-bin/cgiwrap/smith/discus.

Consult the installation guide for specific instructions -- the following are tips to help when following those instructions.

• When accessing the ftpdiag.cgi script, you will need to enter the appropriate URL through CGIWrap. Normally this is something like: http://www.isp.com/cgi-bin/cgiwrap/smith/ftpdiag.cgi.

• Note that the HTML URL does NOT go through CGIWrap. This is a normal URL, such as http://www.isp.com/~smith/discus. Since these files are regular HTML files, and not scripts, they should NEVER be run through CGIWrap.

• Note that directories (Administration Directory, HTML Directory, Script Directory) do NOT go through CGIWrap. These are normal directories, not URLs, on your server. Normal directories should NEVER be run through CGIWrap.

• Your Script URL is the only specified variable that needs to go involve CGIWrap. If your Script Directory is /home/smith/public_html/cgi-bin/discus, then your Script URL might be http://www.isp.com/cgi-bin/cgiwrap/smith/discus.

CGIWrap was written by Nathan Neulinger, not DiscusWare. More information about CGIWrap can be found at http://www.umr.edu/~cgiwrap/.