in reply to Secure Permissions?
Just thought I'd point out that Apache can be also configured
to run using a suid wrapper, so that CGIs can be run in
mode 700 (rwx------) or 500 (r-x------). In this
configuration, the CGIs execute as the user whose account
corresponds to that directory. Thus, on a system that
hosts many web accounts, a user can create a set of scripts
which are executable, have the same access as that
user, yet be unreadable by other users on the same system.
The script can also then read and write files which the
user can only access (mode 600: rw-------).
I'm not sure how common this setup is (so far I've only
run into two servers which have Apache set up this way;
both were webhosting companies).
- Zoogie
|
---|
Replies are listed 'Best First'. | |
---|---|
RE: RE: Secure Permissions?
by Fastolfe (Vicar) on Nov 06, 2000 at 20:43 UTC |
In Section
Seekers of Perl Wisdom