set the User within a script

Ashford has asked for the wisdom of the Perl Monks concerning the following question:

I am installing a packaged shop cart program, PerlShop, onto a commercial webhost.

All the other webhosts I've experienced ran the files as "User sitename". This one runs cgi-bin/scripts as "User Nobody", and says I need to set the User in the script. How is that done?

Ashford

Considered by Aighearach: (delete) not a perl question

Unconsidered by Arunbear - enough keep votes; Keep/Edit/Delete: 8/4/2

Comment on set the User within a script

Replies are listed 'Best First'.
Re: set the User within a script by Happy-the-monk (Canon) on Nov 07, 2004 at 22:02 UTC
I'm sorry you can't. You will have to either contact the site administrator that you need privileges to run as another user, or change the software to run as the user that's running the webserver - or even as any user. Maybe you want to look at Running a daemon process as another user for how changing a user name could be done in a different set up ... although it doesn't apply to your situation. Cheers, Sören	[reply]
Re: set the User within a script by zentara (Cardinal) on Nov 08, 2004 at 11:33 UTC
I've played with Perlshop alot. The only difference in running it as User Nobody, is that the directories which Perlshop writes to need to be 777 in their permissions. When it's User Sitename, it means they probably have suexec enabled, and you can get away with the better 700 permissions. I'm not really a human, but I play one on earth. flash japh	[reply]
Re^2: set the User within a script by Ashford (Initiate) on Nov 09, 2004 at 00:24 UTC
Thanks to everyone for the advice and suggestions. I don't feel quite so inempt contacting the webhost administrator, when I almost know what I'm talking about. I read that using CHMOD 777 was asking for trouble. Are there guidelines for when it's okay to use?	[reply]
Re^3: set the User within a script by zentara (Cardinal) on Nov 09, 2004 at 12:10 UTC
If your apache server is running with the lowest possible permissions, you don't have much of a choice. All you can do is write your code, with the knowledge that anyone can read or write that directory. Check you user input, and only allow valid responses to work. Another thing about this, is that other users on the server, may be able to get access to your directories. Suexec was designed to help thwart that problem. <PS>Perlshop does a pretty good job of it, but there are places it needs improvement, be careful of cc numbers in 777 directories. I made an improved version of Perlshop, for my own use, you may find some ideas from it.Perlshop-Z</PS> I'm not really a human, but I play one on earth. flash japh	[reply]