[Gllug] Apache access to root-owned files

Gavin White white.gavin at gmail.com
Thu Jan 25 15:53:03 UTC 2007


How about a root cron job? Have your CGI script write to a jobs
pending directory, and every 5 minutes, root's cron checks it for
incoming jobs.

Gavin

On 1/25/07, Christopher Mocock <chris at wavestore.com> wrote:
> I'm in the process of writing a Python CGI script which allows the IP
> address of a headless Linux box to be changed using a form on a web
> page. The script works fine although it's currently only writing to an
> ifcfg-eth0 file which is owned by apache.
>
> Obviously when finished, the script needs to be able to write to the
> root-owned /etc/sysconfig/network-scripts/ifcfg-eth0 file.
>
> The question is, what's the best (i.e. least insecure) way to do this?
> I'll use .htaccess to make sure authenticated users only have access to
> the CGI page, but obviously I'm concerned about the fact that something
> may have to run as root temporarily in order to write the file.
>
>
> TIA, Chris.
> --
> Gllug mailing list  -  Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list