in reply to running root command from cgi

Why do you want to do this via a CGI interface?

You could write a wrapper in C which execs your script and setuid the wrapper. Better might be to have the script call a setuid program that does the minimal amount necessary with root privs. Whatever you do, be extremely careful with user input. Run with tainting enabled (-T) and untaint the data very carefully.

Better yet, just don't do this.

-sauoq
"My two cents aren't worth a dime.";

Replies are listed 'Best First'.
Re: Re: running root command from cgi
by XYZ (Initiate) on Oct 31, 2003 at 01:23 UTC
    Thanks for the quick reply. I am doing this so they can package the server as a product which allows the not so savvy users to change network configurations. Is suExec a viable option? Please advise. Thanks in advance.
[reply]
      a product which allows the not so savvy users to change network configurations.
      When will they write software that will allow alcoholics to drive beer delivery trucks? ;)

      Plankton: 1% Evil, 99% Hot Gas.
[reply]

In Section Seekers of Perl Wisdom