RE: RE: Re: setuid scripts

If this is a cgi script, then Im guessing this script will be executed by the user who owns the httpd process right? Then why not make it so the httpd process has the proper rights to that file, and nobody else?

Comment on RE: RE: Re: setuid scripts

Replies are listed 'Best First'.
RE: RE: RE: Re: setuid scripts by le (Friar) on Jul 08, 2000 at 11:52 UTC
Yes CGI scripts are executed as the httpd user (mostly nobody, or www, depends on configuration). But most of the time, suid scripts need root privileges, and it's really a bad idea to have httpd run as root.	[reply]
RE: RE: RE: RE: Re: setuid scripts by cleen (Pilgrim) on Jul 08, 2000 at 12:06 UTC
What I was stabbing at, was the fact he wants the file to be written only by the cgi script. If this is so, then why not just have the file set so only the owner of the httpd process has rights to read/write that file?	[reply]
RE: RE: RE: RE: RE: Re: setuid scripts by le (Friar) on Jul 08, 2000 at 12:52 UTC
That of course, is a possibility. But what if the httpd process runs as, say nobody, and you don't have the permissions to chown a file to nobody? Ok, then you probably don't have permission to set a script suid... hmmm, bad luck!	[reply]
RE: RE: RE: RE: RE: RE: Re: setuid scripts by cleen (Pilgrim) on Jul 08, 2000 at 12:58 UTC