httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mauricio" <mandr...@pr.gov.br>
Subject Re: file's permissions in cgi
Date Wed, 03 Jul 2002 13:20:04 GMT
Lee, my doubt is, I have to create a user called www, and to do chown my cgi
for user www, and run apache as user www?
And, how do I run apache as www? Do I need change my user nobody group
nobody for user www?
I need help about it.
Thanks in advance.

Mauricio.

----- Original Message -----
From: "Lee Fellows" <lfellows@4lane.com>
To: <users@httpd.apache.org>
Sent: Wednesday, July 03, 2002 9:07 AM
Subject: Re: file's permissions in cgi


> On Tue, 2002-07-02 at 16:56, Mauricio wrote:
> > Hi for all.
> > When a user run a cgi, he execute as "others".
> > Then I have a file .cgi with the permissions:
> > r_xr_xr_x
> > The problem is that anyone user that log in server using telnet can to
execute this file.
> > Can anyone help me?
> >
> > Mauricio
> > +55 - (041) - 219-5246
> > mandrade@pr.gov.br
>
> Hi Mauricio,
>
>   What exactly is the concern?  Whether they can execute it from
> a browser, or from the command line, would seem irrelevent.
>
>   You say they are executing it as the group 'others'?  Not in a usual
> apache installation.  Normally apache would execute it as its user
> or group which varies from installation to installation, but user nobody
> and group nobody are common.
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message