httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ken Hilliard" <ken.hilli...@seqid.com>
Subject RE: [users@httpd] File Access Rights
Date Tue, 21 Jan 2003 08:46:00 GMT
Is it possible to define a particular user to a Perl CGI script so that the
directory is not shared by any other applications?

-----Original Message-----
From: Lagore, James (Contractor) [mailto:LagoreJ@ritchie.disa.mil]
Sent: Monday, January 20, 2003 4:44 PM
To: 'users@httpd.apache.org'
Subject: RE: [users@httpd] File Access Rights


FYI on using nobody. Sans.org states "Do NOT use the nobody account, for
this account is used to map the root account over NFS".

Jim

-----Original Message-----
From: Jacob Coby [mailto:jcoby@listingbook.com]
Sent: Monday, January 20, 2003 7:09 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] File Access Rights


> I wrote an Apache (Perl) CGI script running on Windows 2000 Server. My
> script needs to generate graphics files and store them in a file. Under
> Windows it looks like my script can read/write files into any directory.
>
> I want to migrate to RedHat Linux. What are the rules concerning Apache
CGI
> programs with regard to creating and writing files? I read that Apache
child
> processes normally run as "nobody". How can I setup my Perl CGI script so
> that it has a directory into which I can write files? Thanks in advance.

As the root user, run:

chown nobody.nobody /path/to/images
chmod 700 /path/to/images

that says that user nobody group nobody owns the /path/to/images directory
and that only it has read/write/execute (exec means it can look at the
directory in this context) to that dir.  You could also chmod 755 to say
that user nobody has read/write/exec and the rest of the world has read/exec
(so you can at least see whats being put there).

Once that's done, you just need to modify your perl script to put its files
in /path/to/images

-Jacob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message