Hello guys,

I'm using apache2 on Ubuntu. I have a Perl script which basically read the files names of a directory, then rewrites a text file, then sends a signal to a daemon. How can this be done, as secure as possible through a web-page?

Actually I can run the code below, but not if I remove the comments. I'm looking for advise considering:

• Using HTTP Requests?
• How about Apache file permissions on the directory shown in code?
• Is htaccess enough to enable user/pass access to the cgi?
• Should I use a database instead of writing to a file and run a cron querying the db with permission granted to write and send the signal?
• Granting as less permissions as possible to the webserver.
• Should I set a VPN?

#!/usr/bin/perl -wT
use strict;
use CGI;
#@fileList = </home/user/*>; #read a directory listing
my $query = CGI->new();

print $query->header( "text/html" ),
$query->p( "FirstFileNameInArray" ),
#$query->p( $fileList[0] ), #output the first file in directory
$query->end_html;