|
|
Sponsored Content
Special Forums
Cybersecurity
scripts access
Post 798 by steve hodkin on Friday 19th of January 2001 02:20:15 PM
01-19-2001
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi
I need to access files from a specific folder of a Linux system from an another Linux System Remotely.
I know how to, Export a folder on One SCO System & can access the same by using Import via., NFS in the Sco Unix SVR4 System using the scoadmin utility.
Also, I know to use mount -t ... (2 Replies)
Discussion started by: S.Vishwanath
2 Replies
2. Shell Programming and Scripting
Hi,
I need (have been asked/order/instructed) to migrate the access of a number of ksh scripts into a html/web page environment. Currently access is with the user logging onto a unix box and accessing the scripts that way. The users are not unix people so I have restricted the access solely to... (4 Replies)
Discussion started by: nhatch
4 Replies
3. Shell Programming and Scripting
Hi All,
I have declared a variable in script1 and assign a value for it. In script2 i'll call script1 and then I want the value of variables set in script1.
I have tried with export, but in vain.
How can I achive this?
Below is the two scripts.
--script1
#!/usr/bin/ksh
echo $1... (1 Reply)
Discussion started by: javaDev
1 Replies
4. Shell Programming and Scripting
Hi,
I have to write a program to compute the checksums of files
./script.sh
I wrote the program using bash and it took me forever since I am a beginner but it works very well.
I'm getting so close to the deadline and I realised today that actually I have to use normal Bourne shell... (3 Replies)
Discussion started by: pgarg1989
3 Replies
5. UNIX for Dummies Questions & Answers
hi all,
i want to know y kernel is giving access for multiple users to access a file when one user may be the owner is executing that file. Because other user can manipulate that file when the other user is executing that file, it will give the unexpected result to owner . plz help me... (1 Reply)
Discussion started by: jimmyuk
1 Replies
6. Shell Programming and Scripting
i want to access database (sql script) within a unix script.
help me (2 Replies)
Discussion started by: chamaraa
2 Replies
7. Shell Programming and Scripting
Hi,
I have two scripts say one.sh and two.sh.
I want one.sh to continuously export a variable in loop. and when two.sh starts then it should read the last value exported from one.sh.
file: one.sh
#! bin/sh
for i in `seq 1 1 4000000`; do
export VAR=$(($i**$i)) ;
done
file two.sh
... (2 Replies)
Discussion started by: bhushan123
2 Replies
8. Shell Programming and Scripting
Dear Members,
I have a table REQUESTS in Oracle which has an attribute REQUEST_ACTION. The entries in REQUEST_ACTION are like, ME, MD, ND, NE etc.
I would like to create a script which will will call other scripts based on the request action.
Can we directly read from the REQUEST_ACTION... (2 Replies)
Discussion started by: Yoodit
2 Replies
9. Shell Programming and Scripting
Hi,
How to restrict access to a .ksh script in such the way that the users can only execute the script, neither read nor write.
I tried the below code so that my user alone has the rwx and other users can only execute.
chmod 711 sample.ksh
But when I logged in as a different user... (26 Replies)
Discussion started by: machomaddy
26 Replies
10. Solaris
Hi All,
I want to configure samba share permission so that only directory creator/owner has a read and write permission and other users should not have any read/write access to that folder.Will that be possible and how can this be achieved within samba configuration.
Regards,
Sahil (1 Reply)
Discussion started by: sahil_shine
1 Replies
LEARN ABOUT DEBIAN
gsexec
GSEXEC(8) GridSite Manual GSEXEC(8) NAME
gsexec - Switch user before executing external programs SYNOPSIS
gsexec [-V] SUMMARY
gsexec is used by the Apache HTTP Server to switch to another user before executing CGI programs. In order to achieve this, it must run as root. Since the HTTP daemon normally doesn't run as root, the gsexec executable needs the setuid bit set and must be owned by root. It should never be writable for any other person than root. gsexec is based on Apache's suexec, and its behaviour is controlled with the Apache configuration file directives GridSiteExecMethod and GridSiteUserGroup added to Apache by mod_gridsite(8) Four execution methods are supported: nosetuid, suexec, X509DN and directory, and these may be set on a per-directory basis within the Apache configuration file. NOSETUID METHOD
This is the default behaviour, but can also be produced by giving GridSiteExecMethod nosetuid CGI programs will then be executed without using gsexec, and will run as the Unix user given by the User and Group Apache directives (nor- mally apache.apache on Red Hat derived systems.) SUEXEC METHOD
If GridSiteExecMethod suexec is given for this virtual host or directory, then CGI programs will be executed using the user and group given by the GridSiteUserGroup user group directive, which may also be set on a per-directory basis (unlike suexec's SuexecUserGroup which is per-server only.) The CGI program must either be owned by root, the Apache user and group specified at gsexec build-time (normally apache.apache) or by the user and group given with the GridSiteUserGroup directive. X509DN METHOD If GridSiteExecMethod X509DN is given, then the CGI program runs as a pool user, detemined using lock files in the exec mapping directory chosen as build time of gsexec. The pool user is chosen according to the client's full certificate X.509 DN (ie with any trailing GSI proxy name components stripped off.) Subsequent requests by the same X.509 identity will be mapped to the same pool user. The CGI program must either be owned by root, the Apache user and group specified at gsexec build-time (normally apache.apache) or by the pool user selected. DIRECTORY METHOD
If GridSiteExecMethod directory is given, then the CGI program runs as a pool user chosen according to the directory in which the CGI is located: all CGIs in that directory run as the same pool user. The CGI program must either be owned by root, the Apache user and group specified at gsexec build-time (normally apache.apache) or by the pool user selected. EXECMAPDIR
The default exec mapping directory is /var/www/execmapdir and this is fixed when the gsexec executable is built. The exec mapping directory and all of its lock files must be owned and only writable by root. To initialise the lock files, create an empty lock file for each pool user, with the pool username as the filename (eg user0001, user0002, ...) As the pool users are leased to X.509 identities or directories, they will become hard linked to lock files with the URL-encoded X.509 DN or full directory path. You can recycle pool users by removing the corresponding URL-encoded hard link. stat(1) and ls(1) with option -i can be used to print the inodes of lock files to match up the hard links. However, you must ensure that all files and processes owned by the pool user are deleted before recycling! OPTIONS
-V If you are root, this option displays the compile options of gsexec. For security reasons all configuration options are changeable only at compile time. MORE INFORMATION
For further information about the concepts and the security model of the original Apache suexec please refer to the suexec documentation: http://httpd.apache.org/docs-2.0/suexec.html For examples using the gsexec extensions, please see the GridSite gsexec page: http://www.gridsite.org/wiki/Gsexec AUTHORS
Apache project, for original suexec Andrew McNab <Andrew.McNab@manchester.ac.uk> for gsexec modifications. gsexec is part of GridSite: http://www.gridsite.org/ SEE ALSO
httpd(8), suexec(8), mod_gridsite(8) gsexec October 2005 GSEXEC(8)