in reply to Re: CGI and GPG, how are you people doing it?
in thread CGI and GPG, how are you people doing it?

I can make the command line method work with gpg homedir chmod 777, but how unsafe is that?
  • Comment on Re^2: CGI and GPG, how are you people doing it?

Replies are listed 'Best First'.
Re^3: CGI and GPG, how are you people doing it?
by mr_mischief (Monsignor) on Apr 07, 2015 at 04:33 UTC

    Look into suExec or mod_itk or some other method of running your CGI as the user.

[reply]
Re^3: CGI and GPG, how are you people doing it?
by Anonymous Monk on Apr 07, 2015 at 00:52 UTC

    I can make the command line method work with gpg homedir chmod 777, but how unsafe is that?

    What means unsafe?

    chmod 777 says 

    rwxrwxrwx (symbolic)
User: read, write and execute
Group: read, write and execute
Others: read, write and execute

    Is that unsafe? Are you the only user of this webserver?

    Maybe you want to set up https://httpd.apache.org/docs/2.2/suexec.html

[reply]

      Yes, it is by definition unsafe. The viewer of the web site is a user of the web server so soon as you expose a CGI program through the web.

[reply]

        Yes, it is by definition unsafe. The viewer of the web site is a user of the web server so soon as you expose a CGI program through the web.

        But what does that have to do with the file permissions?

        The webserver runs the cgi under some account -- this account needs read/write access to files gpg needs

[reply]

In Section Seekers of Perl Wisdom