forbidden perl script

by bigup401 (Pilgrim)
on Jun 29, 2019 at 08:06 UTC ( [id://11102112]=perlquestion )

bigup401 has asked for the wisdom of the Perl Monks concerning the following question:

This node falls below the community's threshold of quality. You may see it by logging in.

Replies are listed 'Best First'.
Re: forbidden perl script
by dsheroh (Monsignor) on Jun 29, 2019 at 09:10 UTC
    • The most straightforward way to prevent something from being accessed with a browser is to not put it in a web-accessible directory. Under most default Linux/Unix configurations, that means putting it somewhere which is not under /var/www, /var/html, /var/httpd, or /home/(any user)/public_html.
    • You can set the file to be owned by the user and/or group that you want to have sole access to it, then only give read and execute permissions to that user/group. If the file can't be read or executed by the user the web server runs as, then the web server can't make it available to remote users.
    • There are various ways for the Perl code to detect whether it's being run under a CGI interface and/or whether it's being run on the command line, some of which are described in this StackOverflow question and its answers.
    • If you turn off CGI support in your web server configuration (e.g., for apache, disable mod_cgi to turn it off globally, or set Options -ExecCGI to disable it for individual directories), then it will not be possible to run the Perl code, although it will still be possible for users to view the source file unless other measures are taken as described above.
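
The first two points in the list above can be checked mechanically. The following is an added example, not part of dsheroh's reply: the function names are made up for illustration, the directory prefixes are the ones named in the reply, and the permission check assumes the web server account is neither the file's owner nor a member of its group.

```shell
#!/bin/sh
# Added example: audit where a script lives and who can read or run it.
# The prefixes below are the ones named in the reply; adjust them to the
# DocumentRoot / UserDir settings of your own server.

# Succeeds if the absolute directory $1 is at or below a web-accessible prefix.
under_web_root() {
    case "$1/" in
        /var/www/*|/var/html/*|/var/httpd/*|/home/*/public_html/*) return 0 ;;
    esac
    return 1
}

# Prints the "other" permission triplet of file $1, e.g. "r-x" or "---".
other_perms() {
    ls -ld -- "$1" | cut -c8-10
}

# Prints one finding per line for script $1, or "ok" if there are none.
# Returns 0 when clean, 1 when there are findings, 2 when $1 is unusable.
audit_script() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 2; }
    # Resolve symlinks in the directory part so a link into the web root is caught.
    dir=$(cd -- "$(dirname -- "$f")" && pwd -P) || return 2
    findings=0
    if under_web_root "$dir"; then
        echo "web-root: $dir is under a web-accessible directory"
        findings=1
    fi
    case "$(other_perms "$f")" in
        ---|--T) ;;   # nobody outside owner and group has access
        *) echo "perms: users outside the owner and group can read or run $f"
           findings=1 ;;
    esac
    [ "$findings" -eq 0 ] && echo "ok"
    return "$findings"
}
```

Source the file and call `audit_script /path/to/script.pl`; a clean result still depends on the containing directories not being served or aliased by the web server configuration.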

      Waste of time. See Re^2: progress bar

      Alexander

      --
      Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
Re: forbidden perl script
by davido (Cardinal) on Jun 30, 2019 at 00:37 UTC

    It would be trivial using an under statement in Mojolicious::Lite. Are you still committed to CGI?

    use Mojolicious::Lite;

    # Authenticate based on name parameter
    under sub {
      my $c = shift;

      # Authenticated
      my $name = $c->param('name') || '';
      return 1 if $name eq 'Bender';

      # Not authenticated
      $c->render(template => 'denied');
      return undef;
    };

    # Only reached when authenticated
    get '/' => 'index';

    app->start;
    __DATA__

    @@ denied.html.ep
    You are not Bender, permission denied.

    @@ index.html.ep
    Hi Bender.

    (Lifted from the Mojolicious docs at https://mojolicious.org/perldoc/Mojolicious/Guides/Tutorial#Under.)

    Of course now that you've got the 'under' hook into which you can inject authentication, you are left with the more meaty problem of what authentication method you want to plug in there.


    Dave

Re: forbidden perl script
by hippo (Bishop) on Jun 30, 2019 at 10:43 UTC

    As there are so many ways to do this in the web server config that it would be pointless reiterating them here and since you mention Perl, here is an in-Perl solution.

    die 'forbidden by bigup401' if exists $ENV{GATEWAY_INTERFACE};
