Perl-Sensitive Sunglasses | |
PerlMonks |
Re: Security, root and CGI?by hbm (Hermit) |
on Jan 29, 2009 at 01:52 UTC ( [id://739742]=note: print w/replies, xml ) | Need Help?? |
I'd run the web server as a UID that 1) has no shell access; and 2) has no ownership outside the web server. And 3) allow that (and only that) UID to run the root script via sudo. On the other hand, I'm pressed to think of any root-owned tasks that I'd unload... Do they need to be owned by root? Can they not be cron'd?
In Section
Seekers of Perl Wisdom
|
|