RE: Re: setuid scripts

My idea was that it would be a better way of making a CGI script able to create/modify some files, without making it so that anyone could modify those files, at least not without using the script.

oren

Comment on RE: Re: setuid scripts

Replies are listed 'Best First'.
RE: RE: Re: setuid scripts by cleen (Pilgrim) on Jul 08, 2000 at 04:07 UTC
If this is a cgi script, then Im guessing this script will be executed by the user who owns the httpd process right? Then why not make it so the httpd process has the proper rights to that file, and nobody else?	[reply]
RE: RE: RE: Re: setuid scripts by le (Friar) on Jul 08, 2000 at 11:52 UTC
Yes CGI scripts are executed as the httpd user (mostly nobody, or www, depends on configuration). But most of the time, suid scripts need root privileges, and it's really a bad idea to have httpd run as root.	[reply]
RE: RE: RE: RE: Re: setuid scripts by cleen (Pilgrim) on Jul 08, 2000 at 12:06 UTC
What I was stabbing at, was the fact he wants the file to be written only by the cgi script. If this is so, then why not just have the file set so only the owner of the httpd process has rights to read/write that file?	[reply]
RE: RE: RE: RE: RE: Re: setuid scripts by le (Friar) on Jul 08, 2000 at 12:52 UTC
RE: RE: RE: RE: RE: RE: Re: setuid scripts by cleen (Pilgrim) on Jul 08, 2000 at 12:58 UTC