[sclug] Permissions with web based applications
pieter claassen
pieter at openauth.co.uk
Sat Oct 25 09:05:36 UTC 2003
I am trying to write a web based management console that needs to access
stuff that is restricted to root.
The system is authorised, so you should only be able to get to the
interface if you are a root user.
I have installed the suid perl module that will allow perl to execute
suid stuff.
However, my problem is that I have written a number of bash scripts that
does what I want it to do. These scripts call iptables etc. and needs to
run as root.
If I call those scripts from the cgi environment, then it is called by
the www-data user and they all fail.
I find that if I suid the cgi scripts and they call the required os
tools (iptables etc.) directly then it works fine. However, if I call
other shell scripts that in turn call the os tools then it seems that
the uid the the shell script is run under is that of the webserver and
not that of the owner, even though they are all set suid.
Any comments are appreciated.
Thanks,
Pieter
More information about the Sclug
mailing list