CGI's must be executable by everyone

AFAIK, this is configuration dependent. Commonly, Apache is often set up to run as the user 'nobody' (group 'nogroup'), and the scripts are owned by some user, i.e. 'webmaster', or possibly by root. In this case, the scripts must be world-executable, because the server is not running as the same user or group as the owner.

However, this is not always the case. My personal webserver, for example, runs as the user 'httpd', and is a member of the groups 'httpd' and 'web'. My PHP pages (the same rules apply as for CGI scripts) are owned by user 'rlk' (me), and have group 'web'. Since the server is a member of group web, the pages need only be group-executable. One advantage of doing it this way is that some of the pages need things such as database passwords hard-coded into them, and if they were world readable (a script must be readable to be executable), then any user on my system could read the script, learn my mysql password, and trash my database.

--
Ryan Koppenhaver, Aspiring Perl Hacker
"I ask for so little. Just fear me, love me, do as I say and I will be your slave."

In reply to RE: Re: Secure Permissions? by rlk
in thread Secure Permissions? by footpad

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.