in reply to running cgi as user other than nobody

There are many ways, some are ugly, and none especially perl.
  • have your webserver run as root, you can then make the files whatever you want ;-)
     This is of course, a Bad Idea.
  • clever use of the Group directive
  • http://stein.cshl.org/WWW/software/sbox/
  • http://cgiwrap.sourceforge.net/
  • http://www.snert.com/Software/mod_become/index.shtml

    • UPDATE: I forgot to mention (memory spurred by tangential remark by jeffa), setting the directory to setgid. Thus if nobody and user are in a group, and the directory is group writable and setgid group all files created within will be in the group and editable by both. I have done this before, it can get a little hairy though. This works best with a RedHat type system, since each user has their own group. All that is required is to add nobody to each of these groups.

    Achh, I can't believe I missed suexec! Zaxo++. (Suexec can be a major pain though, most notably the DocumentRoot gets locked in at compile time) I actually used both suexec and the setgid trick together. The reason why I needed the setgid supplement is that I was also using mod_dav. With WebDAV files are created by the webserver *proper*...

    PS> umask 002 could not give you a file that is a+w (or even o+w to be more specific).

    --
    perl -pe "s/\b;([st])/'\1/mg"

    • Comment on Re: running cgi as user other than nobody

    Replies are listed 'Best First'.
    Re: Re: running cgi as user other than nobody
    by emilford (Friar) on Apr 01, 2002 at 23:51 UTC
      I've read about some of these options, but are there any that don't involve installing extra server-side software?
    		[reply]
        Ahh that is an additional stipulation you did not initally make. Two of the options I gave meet this new criterion, also see the update I have added. However, IMO this is much like somebody coming here asking to implement some given functionality and saying "no modules". There is a very good reason this software(or modules) exist, and that is to meet a need and make the solution available for others, no reinventing the wheel.

        --
        perl -pe "s/\b;([st])/'\1/mg"

    		[reply]

    In Section Seekers of Perl Wisdom