httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ahbaid Gaffoor <ahba...@attbi.com>
Subject Re: [users@httpd] CGI system call - write to file system
Date Tue, 06 May 2003 13:59:50 GMT
Thanks! Works!

I made a directory writeable by the apache process user, and it works!

Boyle Owen wrote:

>>-----Original Message-----
>>From: Ahbaid Gaffoor [mailto:ahbaidg@attbi.com]
>>
>>I have a CGI perl script, the call is as follows:
>>system("touch a.lst");
>>
>>Now, for calls that do not write to the file system, the call 
>>works, but as soon as I try to write to the file system it fails.
>>    
>>
>
>That is exactly as it should be!
>
>The apache process runs as the user defined by the "User" directive and
>it is unlikely that this user would have write privileges in any random
>directory. If you want to have apache write, remove or touch files, you
>have explicitly to permit it (assuming User = apache):
>
>- change the owner of the target directory to "apache"
>- change User to the owner of the dir
>- make the dir group-writeable and make apache a member of the group
>- make the dir writeable by "others" (this is easiest but also the most
>dangerous!)
>
>Be aware that there are security considerations to allowing apache write
>access to dirs - tread carefully.
>
>Rgds,
>Owen Boyle
>Disclaimer: Any disclaimer attached to this message may be ignored.  
>
>  
>
>>This is in my CGI-BIN directory, calls to "ls -l" work fine...
>>
>>
>>Is there some option I need to use to allow apache to write to 
>>the file 
>>system?
>>
>>thanks
>>
>>Ahbaid
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP 
>>Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>    
>>
>
>This message is for the named person's use only. It may contain
>confidential, proprietary or legally privileged information. No
>confidentiality or privilege is waived or lost by any mistransmission.
>If you receive this message in error, please notify the sender urgently
>and then immediately delete the message and any copies of it from your
>system. Please also immediately destroy any hardcopies of the message.
>You must not, directly or indirectly, use, disclose, distribute, print,
>or copy any part of this message if you are not the intended recipient.
>The sender's company reserves the right to monitor all e-mail
>communications through their networks. Any views expressed in this
>message are those of the individual sender, except where the message
>states otherwise and the sender is authorised to state them to be the
>views of the sender's company. 
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>  
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message