<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Installed as CGI binary</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="security.general.html">General considerations</a></div> <div class="next" style="text-align: right; float: right;"><a href="security.cgi-bin.attacks.html">Possible attacks</a></div> <div class="up"><a href="security.html">Security</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="security.cgi-bin" class="chapter"> <h1>Installed as CGI binary</h1> <h2>Table of Contents</h2><ul class="chunklist chunklist_chapter"><li><a href="security.cgi-bin.attacks.html">Possible attacks</a></li><li><a href="security.cgi-bin.default.html">Case 1: only public files served</a></li><li><a href="security.cgi-bin.force-redirect.html">Case 2: using cgi.force_redirect</a></li><li><a href="security.cgi-bin.doc-root.html">Case 3: setting doc_root or user_dir</a></li><li><a href="security.cgi-bin.shell.html">Case 4: PHP parser outside of web tree</a></li></ul> </div> <hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="security.general.html">General considerations</a></div> <div class="next" style="text-align: right; float: right;"><a href="security.cgi-bin.attacks.html">Possible attacks</a></div> <div class="up"><a href="security.html">Security</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>