** seteuid, creating files, and CGIs **

Post by John Gord » Sat, 09 Sep 2000 01:44:39




> be the easiest and most secure way to do this.  The CGI will authenticate
> the user and then should create the .forward file in the appropriate
> user's directory but the cgi is running as user nobody.  Can I use seteuid
> so the process is no longer run as nobody but as that username?  What
> security problems might result from this?

the .cgi will have to be setuid root, of course.  (do you have root access
on your machine?)  to minimize the time that the cgi spends running as
root, call seteuid() as soon as possible within the cgi.  don't make any
calls to system() either.

what do you mean by "the cgi will authenticate the user"?  are you using
some authentication method other than basic htpasswd/htaccess?

do the logins in your htpasswd file match the logins in /etc/passwd?

---
"... What with you being his parents and all, I think that you could
be trusted not to shaft him."  -- Robert Chang, rec.games.board
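
Added example, not part of the original post: one way a setuid-root CGI could follow the advice above, switching effective IDs with seteuid() before touching the user's home directory and never calling system(). The function name `write_forward_as`, the address allowlist, and the assumption that uid, gid and home come from getpwnam() for the authenticated login are illustrative choices.

```c
/* Added example (not from the thread): write ~/.forward under the user's IDs. */
#define _GNU_SOURCE 1
#include <fcntl.h>
#include <grp.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Accept one plain address only: no '|' program pipes, file paths, spaces
 * or newlines, all of which a .forward file would otherwise act on. */
static int addr_ok(const char *a) {
    size_t n = strlen(a);
    if (n == 0 || n > 254 || !strchr(a, '@')) return 0;
    return strspn(a, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
                     "0123456789@._+-") == n;
}

/* Assumption: uid, gid and home come from getpwnam() for the authenticated
 * login. Returns 0 on success, -1 on any failure. */
int write_forward_as(uid_t uid, gid_t gid, const char *home, const char *addr) {
    uid_t old_uid = geteuid();
    gid_t old_gid = getegid();
    size_t len = strlen(addr);
    struct stat st;
    int rc = -1, dfd = -1, fd = -1;

    if (!addr_ok(addr)) return -1;
    /* Order matters: groups and gid first, because after seteuid() to a
     * non-root user the process may no longer change them. */
    if (old_uid == 0 && uid != 0 && setgroups(1, &gid) != 0) return -1;
    if (setegid(gid) != 0 || seteuid(uid) != 0 || geteuid() != uid) goto restore;

    /* Everything below runs with the user's rights, so a hostile symlink in
     * the home directory cannot reach files the user could not already write. */
    dfd = open(home, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0) goto restore;
    fd = openat(dfd, ".forward", O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0 || fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != uid)
        goto restore;
    if (ftruncate(fd, 0) == 0 && write(fd, addr, len) == (ssize_t)len &&
        write(fd, "\n", 1) == 1)
        rc = 0;

restore:
    if (fd >= 0 && close(fd) != 0) rc = -1;
    if (dfd >= 0) close(dfd);
    /* Regain the saved IDs (root's supplementary groups stay dropped). */
    if (seteuid(old_uid) != 0 || setegid(old_gid) != 0) rc = -1;
    return rc;
}
```

seteuid() is only a temporary drop, since the saved set-user-ID remains root; the CGI should do nothing else as root and exit once the file is written.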


 
 
 

1. setuid seteuid and giving a file away by chown ???

Does anyone know how to give a file away using chown under Solaris?

eg  fred owns the file and wants to give it to projectx

Second thing is how can you, ( if you can )
 fred runs a setuid root programme which can you give
 euid fred and uid projectx ?

 fred runs a setuid root programme which can you give
 euid projectx and uid fred ?

Thanks for any help.
