in reply to Re: How do I create files on the server?
in thread How do I create files on the server?

I've got a form going which is used to update/append a log of comments for the current day. I therefore build a filename based on the date and time and then check to see if it exists every time a browser request is made. If it doesn't I want to create it on the server. I have a command line script that does this but when I integrate it in the form script I figure it's a matter of permissions that does not allow me to do that.
  • Comment on RE: Re: How do I create files on the server?

Replies are listed 'Best First'.
RE: RE: Re: How do I create files on the server?
by nardo (Friar) on Jul 16, 2000 at 20:08 UTC
    From the mod_perl FAQ:

    What if my script needs higher privileges?

    You will have to start a new process that runs under a suitable user-id (or group-id). If all requests handled by the script will need the higher privileges, you might as well write it as a suid CGI script. Read the documentation about suEXEC in the Apache documentation.

    Alternatively, pre-process the request with mod_perl and fork a suid helper process to handle the privileged part of the task.
[reply]
RE: RE: Re: How do I create files on the server?
by Aighearach (Initiate) on Jul 17, 2000 at 04:02 UTC
    It sounds like the server is set up the same as mine; hands off anything created by Apache, unless you're in the same group. It simplifies security. Why not just create an empty file on the server, and copy it to the new name? So first you'd prepare it with: (assuming *nix) 
    touch blank.file
    and in your code: (I haven't had my coffee yet, so this isn't Perl; it's psuedocode.) 
    if ( need_new_file() ) {
    copy( blank.file, new.file );
}
open( *NEW_FILE, ">>new.file" );
print NEW_FILE $stuff;
close NEW_FILE;

    [download]

    Okay, it's a kludge. But, it works. And without needing extra permissions. 

    Paris Sinclair    |    4a75737420416e6f74686572
pariss@efn.org    |    205065726c204861636b6572
I wear my Geek Code on my finger.
[reply]
[d/l]
      So the "touch" part is actually precreating the file? Not part of the script? This is exactly what I'm trying to avoid.
[reply]
        Right. But, having access to files _created_ by the webserver is proabably what the sysadmin is trying to avoid... if you don't have permissions, don't have the access to change the permissions, are you sure you'll be allowed to run setuid scripts? 
        Paris Sinclair    |    4a75737420416e6f74686572
pariss@efn.org    |    205065726c204861636b6572
I wear my Geek Code on my finger.
[reply]

In Section Seekers of Perl Wisdom