It sounds like what you want is to authenticate users against your /etc/passwd and /etc/shadow files, then have the CGI script run with their privileges.

This is a fairly dangerous thing to do, unfortunately. It requires that you either run your Apache as root, so it will be allowed to read passwords from /etc/shadow and then switch to the appropriate user, or else have your script setuid to root, so it will acquire those privileges when it starts. Either way, a tiny bug in your script or in Apache could lead to your entire system being taken over, so unless you are very experienced with secure programming, you should try to avoid these techniques.

A different way to accomplish the same thing is to have a small server running as root and accepting a username, password, and a limited set of commands. Your script would get input from a form, send a command to this server, then interpret and display the results. That can be a little safer, because the server can be very simple and doesn't have to interact with a Web server.

Another way is to send username, password, and command to a local ssh server using Net::SSH; that way the ssh server handles most of the security code, and you just have to worry about getting it the right commands.

In reply to Re: get the user id and pwd who logs in to the cgi/perl application by sgifford
in thread get the user id and pwd who logs in to the cgi/perl application by rsennat

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.