I'm just fine tuning the ExecCGI permissions for gmail 2.X and would like some feedback on the best way to do it. Should I just leave the whole gmail dir executable? Should the data directory be executable if users can use uploads and potentially upload a cgi script etc? Is there any risk with it? Any comments or help appreciated.
Regan.
Regan.