in reply to touching off external processes within perl CGI scripts

Hi,

First off this is dangerous - or at least can be. Whatever you do make sure that you are not passing values to the command line that could be passed to the CGI program without doing some serious checking of the values.

Next is that by default anything executed by a CGI program is going to be run as user nobody (or some rather anonymous and less powerful user). There is good documentation at Apache's web site that can help you set up scripts to run SUID. Basically as whatever user you want. Again this is dangerous - the whole point of a nobody user is that they cannot do as much damage.

Now, it's hard to tell your level of experience from your question, but a few things you should know in general about CGI coding (and even more generally about Perl coding). You want to specify use strict; at the top of your code and use CGI; since this is a CGI program. Using strict forces some good coding habits upon you. Using CGI protects you in other ways - like some basic taint checking from your incoming request.

From here executing system commands is easy if you have the rest of your script working properly. The following (untested) snippit sets up a CGI object then upon receiving a certain value from the user executes a system command: 

#! /usr/bin/perl -w
use strict;
use CGI;

my $q = new CGI;
my @result;

# other stuff happens

if ($q->param('command') eq "command1")
{
    # Notice how I pass NOTHING to the
    # system command that was handed to 
    # the CGI script.
    @result = `/usr/local/bin/script.sh`;
}
elsif ($q->param('command') eq "command2")
{
    # command 2...
}
#  more stuff happens.

# Include code to render your html around here
# then display the result of your system command here:
print join "<BR>", @result;
# Close out your html document.

[download]
I hope this gets you off on the right foot. Just please approach this carefully - have your external program run by the least priviledged user possible, and pass nothing to the command line that you have not sanitized as much as humanly possible. You have much reading to do, but you have a good start if you wander around PerlMonks.org Super Search looking for examples of how to get started.

Good luck,

{NULE}
--
http://www.nule.org

In Section Seekers of Perl Wisdom