httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject Re: [users@httpd] CGI under Apache 2.0.40 - Won't someone please help me?
Date Sat, 16 Aug 2003 01:23:51 GMT

On Sat, 16 Aug 2003, Eugene Geldenhuys wrote:
> So the question remains, how do I execute system binaries from
> within a cgi script?

I think what you are missing is that this has really nothing at all to do
with cgi scripts and everything to do with user permissions.  A cgi script
can only do what the executing user has permission to do.  The executing
user differs depending on whether suexec is used or not.  But in general,
since the executing user will not be root, you won't be able to do system
tasks that require root access.

One way to verify this: find the user that the cgi script will be running
under (User/Group or SuexecUserGroup depending on whether suexec is in
use) and "su" to that user.  (eg. su apache.)  Then try to run whatever
script you want the cgi script to run.  If you can't do it that way, then
the cgi script will never be able to do it.

People who want to elevate priveleges on a limited basis often use a
program called sudo.  It is most likely included with Redhat, so you can
look at the man page to see how it works.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message