Subject: Re: [htdig] Search engine for private page
From: Knut A. Syed (Knut.Syed@nhh.no)
Date: Sun Oct 29 2000 - 05:45:09 PST
Gilles Detillieux <email@example.com> writes:
> Using a symbolic link to htsearch doesn't secure anything because
> the link to the binary won't change the the CONFIG_DIR setting that
> the binary uses, so you're still relying on keeping the config file
> name secret. If you don't want to compile two htsearch binaries with
> different CONFIG_DIR settings, you can use a simple wrapper script for the
> secure htsearch.pr, which sets the CONFIG_DIR environment variable to the
> secure configuration directory. This environment variable overrides the
> compiled-in setting specified by the make-file variable of the same name.
How about modifying htsearch to automatically use CONFIG_DIR based on
the name of the exectued binary?
Then you can make symlinks to htsearch with different names and
web-access/protection, and htsearch will choose the configuration
F.ex. the symlink htsearch-internal (pointing to htsearch) can be
protected and accessed as
http://www.example.com/cgi-bin/htsearch-internal, automatically using
htsearch-internal as CONFIG_DIR. Accessing htsearch directly will not
work (unless you have a CONFIG_DIR named htsearch).
To unsubscribe from the htdig mailing list, send a message to
You will receive a message to confirm this.
List archives: <http://www.htdig.org/mail/menu.html>
This archive was generated by hypermail 2b28 : Sun Oct 29 2000 - 05:51:31 PST