How Can I Stop My CGI Script Reading And Writing Files As Nobody

How Can I Stop My CGI Script Reading And Writing Files As Nobody


  • 12 Mar, 2012

    CGI scripts are run by the HTTPD, and therefore by the UID of the HTTPDprocess, which is (by convention) usually a special user "nobody".There are two basic ways to run a script under your own userid:(1) The direct approach: use a setuid program.(2) The double-server approach: have your CGI script communicatewith a second process (e.g. a daemon) running under your userid,which is responsible for the actual file management.The direct approach is usually faster, but the client-server architecturemay help with other problems, such as maintaining integrity of a database.When running a compiled CGI program (e.g. C, C++), you can make itsetuid by simply setting the setuid bit:e.g. "chmod 4755 myprog.cgi"For security reasons, this is not possible with scripting languages(eg Perl, Tcl, shell). A workaround is to run them from a setuidprogram, such as cgiwrap.In most cases where you'd want to use the client-server approach,the server is a finished product (such as an SQL server) with itsown CGI interface.A lightweight alternative to this is Don Libes' "expect" package.

    Comments Received:
    Please give your suggestions and feedback:

2009-2016 downloadmela.com. All rights reserved.