httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Atte Peltomaki" <atte.peltom...@f-secure.com>
Subject Re: [users@httpd] CGI via suexec
Date Wed, 27 Jul 2005 06:18:47 GMT
> > I'm trying to implement such scenario where a cgi script would be run as
> > the user that just authed against the local passwd. This way the cgi
> > script would have the same rights as the local user does.
> > 
> > Anyone have any ideas how to pass the login information to suexec?
> 
> If you mean HTTP authentication login, then it can't be done.  This
> would violate suexec's security model.  It only runs scripts based on
> their owner.
> 
> You can look at cgiwrap, which is a little more flexible.  But I doubt
> it will do this either.

It didn't seem like cgiwrap would be able either. Any other ideas,
anyone? Last resort is to sourcedive for the http auth login bit, and
hook it to a homebrewn cgiwrapper, or a modified version of
suexec/cgiwrap. But this is a lot of work, perhaps too much for what it
would achieve.

-- 
 ____________
 \   ______//     Atte Peltomäki - Atte.Peltomaki@F-Secure.com
  \  \\____           	 IT Engineer - IT Server Team
   \   __//    F-Secure Corp. PL 24, FIN-00181 Helsinki, Finland
    \  \\     Tel: +358 9 2520 0700,     direct: +358 9 2520 5423   
     \ //                   http://www.F-Secure.com
      \/         Integrated Solutions for Enterprise Security

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message