How do you pass authentication on the command line?
Alex Rice
alex at mindlube.com
Fri Feb 6 13:07:28 EST 2004
On Feb 6, 2004, at 12:50 AM, Dave Cragg wrote:
> Not answering your question exactly, but couldn't you have the CGI
> script do a chmod on the file with shell just after it saves it. This
> won't need sudo as the CGI runs as the owner of the file and can
> change permissions. I just tested here and it worked.
Actually in many CGI setups, a CGI script runs as "nobody" or "www" or
whatever user the httpd process is running as, regardless of who owns
the script files. According to the Apache docs: "Normally, when a CGI
or SSI program executes, it runs as the same user who is running the
web server."
suExec is a feature that cause CGI scripts to run as a different user.
See <http://httpd.apache.org/docs-2.0/suexec.html>
Ken- for your problem, I think you should aim for creating the file
with the correct ownership in the first place, not trying to pass
permissions to a chown command.
I think suExec would be the best solution for you, then all of user
"ken"'s scripts will be running as "ken" not as "www".
Alternatively you may be able to use a suid script:
# as user "ken"
chmod a+x some-script.mc
chmod +s some-script.mc
Now some-script.mc should run as "ken", even if the web server is
running the script as the user "www".
--
Alex Rice | Mindlube Software | http://mindlube.com
More information about the use-livecode
mailing list