in reply to CGI and root permissions
Lincoln Stein has a module user_manage: The All-Purpose Web Server User Management Script.
I have not used it!
In the docs Lincoln suggests how in order for the script to be able to update password and group files, not only must it have write access to the files themselves, but to the directory that contains them (the script creates lock and other temporary files within the directory). He suggests three alternatives
1. Run as a SUID Script
2. Run as a SGID Script
3. The scary option - Keep the Password and Group Files in a Directory writable by "nobody".
Maybe the solution you have is not so bad after all?
I have not used it!
In the docs Lincoln suggests how in order for the script to be able to update password and group files, not only must it have write access to the files themselves, but to the directory that contains them (the script creates lock and other temporary files within the directory). He suggests three alternatives
1. Run as a SUID Script
2. Run as a SGID Script
3. The scary option - Keep the Password and Group Files in a Directory writable by "nobody".
Maybe the solution you have is not so bad after all?
|
---|
Replies are listed 'Best First'. | |
---|---|
RE: Re: CGI and root permissions
by aCC (Initiate) on May 29, 2000 at 20:52 UTC |
In Section
Seekers of Perl Wisdom