
TCL as CGI.. or PHP and no CGI? The choice is yours - PHP Development


  1. #1

    Re: TCL as CGI.. or PHP and no CGI? The choice is yours

    Phil Powell wrote:
    > I am having to use CGI script to view files in a particular directory
    > (directory has permissions of 755 and has the same ownership as everywhere
    > else). I am able to upload the file using PHP, however, I am unable to view
    > or list the files because of permission errors.
    > [cut]
    That's actually a bit of a tough one. This is a very common permission
    problem, since your scripts run as www, and not as phil. If you really
    want to store the files as phil (which I'm not sure is a good idea), you
    can:

    1/ run your Tcl CGI scripts via suid tcl interpreter; for example get a
    tclkit, make it chmod 6755 - but then, you'll have a security problem,
    since anyone clever enough will be able to run your tclkit with his/her
    script (and therefore work as phil) - not a good option, IMHO

    2/ use a suid starpack, better than 1/, since the script will be
    embedded in the interpreter, so no one will run it except you.

    3/ write a simple Tcl app that does Tcl_CreateInterp(), Tcl_Init(),
    Tcl_FindExecutable() and Tcl_EvalFile(); make it suid

    4/ run tclhttpd (on another port) as phil and have tclhttpd serve as
    your webserver - I'm not sure if it handles uploads though. Try googling
    on that.

    5/ ask your system administrator to run PHP scripts as their owner -
    this is possible, AFAIR, however I do not use PHP, so cannot help here



    --
    WK

    Wojciech Kocjan Guest

  2. #2

    Re: TCL as CGI.. or PHP and no CGI? The choice is yours

    # I still can't list or view the files and I'm completely out of ideas. I
    # need for someone to give me a direction to go with this. Do I write a CGI
    # script in TCL to view and list the files, or is there still a PHP solution I
    # haven't found where the folder can remain the default 755 and can view them
    # that way?

    One possibility is to use a variation of suexec (set user and exec). The apache
    webserver has a form of this, and I think php also does. I also wrote a version
    myself: it's not that hard if you can create a setuid root program. It gets
    the username and password out of the ozone, encrypts 0, checks it
    against /etc/passwd or /etc/shadow, and then does a setuid and exec. The hard
    part is trying to do so without letting hackers run amuck on your system.

    Another possibility is to upload to another drop box folder, and run a daemon that
    periodically scans the drop box, and then move/chown/chmod it to where you want
    it to really be. I think you should be able to put a 777 folder with a 755
    folder, so perhaps you can have a drop box within each folder.

    --
    Derk Gwen http://derkgwen.250free.com/html/index.html
    We found a loophole; they can't keep us out anymore.
    Derk Gwen Guest
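
The drop box approach from reply #2, sketched as one pass of such a daemon. This is an added example, not code from either poster; the function names and the file-name policy are assumptions. It assumes the daemon runs as the destination owner, so copied files end up owned by that user without any chown or root privilege, and it treats everything in the world-writable drop box as untrusted.

```python
import os
import re
import shutil
import stat

# Assumed policy: plain names only; dotfiles and anything with a path separator are refused.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,99}")

def copy_in(src_fd, dest_path, mode):
    """Create dest_path exclusively and fill it from the already-open src_fd."""
    out_fd = os.open(dest_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    os.fchmod(out_fd, mode)  # apply the exact mode regardless of umask
    with os.fdopen(out_fd, "wb") as out, os.fdopen(os.dup(src_fd), "rb") as src:
        shutil.copyfileobj(src, out)

def sweep_dropbox(dropbox, dest, mode=0o644):
    """One pass of the daemon: returns (moved, skipped) lists of file names."""
    moved, skipped = [], []
    for name in sorted(os.listdir(dropbox)):
        src_path = os.path.join(dropbox, name)
        if not SAFE_NAME.fullmatch(name):
            skipped.append(name)
            continue
        try:
            # O_NOFOLLOW refuses symlinks; O_NONBLOCK avoids hanging on a FIFO.
            fd = os.open(src_path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
        except OSError:
            skipped.append(name)
            continue
        try:
            st = os.fstat(fd)  # inspect the object actually opened, not the path
            if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:
                skipped.append(name)  # directory, device, or hard link to another file
                continue
            copy_in(fd, os.path.join(dest, name), mode)
            os.unlink(src_path)
            moved.append(name)
        except OSError:
            skipped.append(name)  # e.g. the destination name already exists
        finally:
            os.close(fd)
    return moved, skipped
```

Copying through an open descriptor instead of renaming the path means a symlink or hard link planted in the drop box cannot pull another file into the 755 directory, and `O_EXCL` keeps an upload from overwriting a file that is already there.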
