Appendix A: WN command line options

-e -- Forbid execs and CGI

When the server is run with this option it will not execute a CGI script, a filter or any executable in an include. In addition the server does not allow any data sent by a client to even be written to a temporary disk file.

-E -- Restrict CGI and execs to trusted users

This is similar to the -e option except that index.cache files owned by a trusted user id or trusted group id (set with the -t or -T option) is exempt from the restrictions. That is, only scripts listed in index.cache files owned by the trusted user or group will be executed.

-h hostname -- Set hostname

Tell the server that its name is hostname. This is only used for two things: to pass to CGI scripts and for redirects generated when a trailing '/' is omitted in a URL path to a directory. It is a shame browsers can't handle relative URL redirects!

-L logfile -- Set logfile name

Write log information to the file logfile. This will override the value #defined in config.h.

-l error_log -- Set error logfile name

Write information about errors to the file err_log. This will override the value #defined in config.h. If no value is set in config.h and this option is not used then the logfile given with -L is used for errors as well as regular transactions.

-t trusted_uid -- Set trusted uid

When invoked with this option wn or swn will not serve a document unless the index.cache file listing it has the prescribed owner (uid). This uid# should be that of the maintainer not the one under which wn or swn runs. Indeed, for security reasons the server will refuse to use an index.cache file whose owner is the uid under which the server is running. If on your server all index.cache files are created by a single user or a single group this option or the -T option are highly recommended. This added security is weakened somewhat if you also use the -u option which allows index.cache files owned by untrusted users to permit the serving of files owned by the same user.

-T trusted_gid -- Set trusted gid

This is similar to the -t option except the group owner (gid)of the index.cache file is used instead of the uid.

-u -- Restrict untrusted users

When this option is invoked the server requires that every file served (including wrappers and includes) have the same owner as the index.cache file which grants it permission to be served. This means that untrusted users can only serve files which they own. If the -t or -T option (described above) is used with -u then index.cache files owned by the trusted user or trusted group are exempt from this requirement and they may grant permission to serve any file the server can read.

WN -- for those who think the Web should be more than a user friendly version of ftp