Re: set the User within a script

I've played with Perlshop alot. The only difference in running it as User Nobody, is that the directories which Perlshop writes to need to be 777 in their permissions. When it's User Sitename, it means they probably have suexec enabled, and you can get away with the better 700 permissions.

I'm not really a human, but I play one on earth. flash japh

Comment on Re: set the User within a script

Replies are listed 'Best First'.
Re^2: set the User within a script by Ashford (Initiate) on Nov 09, 2004 at 00:24 UTC
Thanks to everyone for the advice and suggestions. I don't feel quite so inempt contacting the webhost administrator, when I almost know what I'm talking about. I read that using CHMOD 777 was asking for trouble. Are there guidelines for when it's okay to use?	[reply]
Re^3: set the User within a script by zentara (Cardinal) on Nov 09, 2004 at 12:10 UTC
If your apache server is running with the lowest possible permissions, you don't have much of a choice. All you can do is write your code, with the knowledge that anyone can read or write that directory. Check you user input, and only allow valid responses to work. Another thing about this, is that other users on the server, may be able to get access to your directories. Suexec was designed to help thwart that problem. <PS>Perlshop does a pretty good job of it, but there are places it needs improvement, be careful of cc numbers in 777 directories. I made an improved version of Perlshop, for my own use, you may find some ideas from it.Perlshop-Z</PS> I'm not really a human, but I play one on earth. flash japh	[reply]