|
Byron Ellacott
bje at apnic.net
Wed Sep 22 10:40:20 EDT 2004
Rich Pinder wrote:
> I'm using Apache 1.3 with Python (Kinterbas) to access a Firebird database.
> The .py script resides in a directory under the document root. If you
> enter the full url to the script file, the browser returns a textual
> representation of the script (complete with all my connection string
> info & password into the database !)
> What am I missing here ??
Either you're using the Python publisher handler, in which case I'm
surprised that you ever see the text of the script, or you're directly
using a PythonHandler statement, in which case you can install your
Python modules anywhere on the Python path.
In an Apache config file for a host, I have:
<Location /budget>
SetHandler mod_python
Options -MultiViews
PythonDebug On
PythonAutoReload On
PythonInterpreter budget
PythonHandler bje.budgetweb
PythonOption SessionDbm /usr/share/budget/session.dbm
</Location>
The "/var/www/budget" directory does not exist at all; there's nothing
that a user can fetch via URL that is not generated by the bje.budgetweb
module, which lives in /usr/local/python/someplace, IIRC. In
sys.path[], anyway.
(That module then calls other modules based on patterns matched against
path_info, according to a configuration block. But that's just my
preference for how to arrange things.)
--
bje
|