Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Suexec solution
Top Forums UNIX for Dummies Questions & Answers Suexec solution Post 60164 by Neo on Tuesday 11th of January 2005 11:11:54 PM
Old 01-12-2005
Reference:

http://lists.evolt.org/archive/Week-...14/145126.html

Quote:
SuExec scenario:
If suExec is running, Perl runs as the owner of the script and gets it's permissions from the target file's owner bit (rw - -). Assuming that the script and the target file are owned by the domain user, that allows Perl the security of being able to write to the target file while not setting the world bit to a level allowing others to write to it. Problem: PHP still needs world write permission to write to target files and that allows both PHP and Perl in other domains permission to also write to the target file.
 

4 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

apache suexec

I compiled apache 1.3.33 with suexec support like ./configure \ "--with-layout=Apache" \ "--prefix=/usr/local/apache" \ "--enable-module=ssl" \ "--activate-module=src/modules/php4/libphp4.a" \ "--activate-module=src/modules/perl/libperl.a" \ "--enable-module=perl" \ "--enable-module=most"... (0 Replies)
Discussion started by: hassan1
0 Replies

2. UNIX for Advanced & Expert Users

suexec problem

Hi all, I am trying to setup apache w/ suexec to avoid permission problems w/ apache user and website user and also to be able to run a second (test) domain on the same server. So far I got fcgi w/o suexec running perfectly (logs confirm that). But as soon as I enable the suexec statement in the... (0 Replies)
Discussion started by: harrstar
0 Replies

3. UNIX for Dummies Questions & Answers

How to use Suexec with Apache2 ?

Hello guys I'm trying to use Suexec in my computer. I've installed apache with default settings (so Suexec is installed with my emerge Apache , Gentoo) . My settings on /etc/conf.d/apache2 # SUEXEC Enables running CGI scripts (in USERDIR) through suexec. # USERDIR Enables /~username... (1 Reply)
Discussion started by: kernings
1 Replies

4. Shell Programming and Scripting

SUEXEC with passwordless option

Hi, I am using the below command in suexec -u webuser /local/Tomcat7//0/tc7u/tomcat7.sh status But it prompts for the password of executing user. Let me know if any options available for passwordless or supplying password in script. (0 Replies)
Discussion started by: pravinbtech
0 Replies

LEARN ABOUT HPUX

rename

rename(2)							System Calls Manual							 rename(2)

NAME

       rename - change the name of a file

SYNOPSIS

DESCRIPTION

       The  system call causes the source file to be renamed to target.  If target exists, it is first removed.  Both source and target must be of
       the same type (that is, either directories or nondirectories), and must reside on the same file system.

       If target can be created or if it existed before the call, guarantees that an instance of target will exist, even if the system crashes	in
       the midst of the operation.

       If  the	final  component  of source is a symbolic link, the symbolic link is renamed, not the file or directory to which the symbolic link
       points.

RETURN VALUE

       returns the following values:

	      Successful completion.
	      Failure.
		     Neither file is affected.	is set to indicate the error.

ERRORS

       If fails, is set to one of the following values.

	      [EACCES]	     A component of either path prefix denies search permission.

	      [EACCES]	     The requested link requires writing to a directory without write permission.

	      [EBUSY]	     target or source is an existing directory that is the mount point for a mounted file system.

	      [EDQUOT]	     User's disk quota block or inode limit has been reached for this file system.

	      [EEXIST]	     target is a directory and is not empty.

	      [EFAULT]	     source or target points outside the allocated address space of the process.  Reliable  detection  of  this  error	is
			     implementation dependent.

	      [EINVAL]	     source is a parent directory of target, or an attempt is made to rename the or directory.

	      [EISDIR]	     target is a directory, but source is not.

	      [ELOOP]	     Too many symbolic links were encountered in translating either path name.

	      [ENAMETOOLONG] A	component  of  either path name exceeds bytes while is in effect, or the entire length of either path name exceeds
			     bytes.

	      [ENOENT]	     A component of the source path does not exist, or a path prefix of target does not exist.

	      [ENOSPC]	     The destination directory cannot be extended because of a lack of space on the file system containing the directory.

	      [ENOTDIR]      A component of either path prefix is not a directory.

	      [ENOTDIR]      source is a directory, but target is not.

	      [EPERM]	     The directory containing source has the sticky bit set, and neither the containing directory nor the source are owned
			     by the effective user ID.

	      [EPERM]	     The  target file exists, the directory containing target has the sticky bit set, and neither the containing directory
			     nor the target are owned by the effective user ID.

	      [EROFS]	     The requested link requires writing in a directory on a read-only file system.

	      [EXDEV]	     The paths named by source and target are on different logical devices (file systems).

AUTHOR

       was developed by the University of California, Berkeley.

SEE ALSO

       open(2).

STANDARDS CONFORMANCE

																	 rename(2)
All times are GMT -4. The time now is 12:48 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy