Solved

Ownership problems with PERL.

Posted on 1998-10-17
8
170 Views
Last Modified: 2010-03-05
Hey,
    Whenever PERL creates a file on my server it's ownership is set to "nobody" instead of my name.  Now I don't own the server, but I know the owner enough so he'd make changes.  So how would I change it so I have ownership of the files without compermising security?

Thanks in Advance
0
Comment
Question by:cide
  • 4
  • 3
8 Comments
 
LVL 1

Expert Comment

by:ghjm
ID: 1205466
There has to be more to this than you're telling us. The process running the perl script must be suid nobody. If you want the files to be created owned by your account, the process will have to run suid you. Whether this is possible, or whether it will create a security compromise, very much depends on the details. Is this a cgi script for a Web server?
0
 

Author Comment

by:cide
ID: 1205467
When I telnet into my server and type ls -l it returns:
drwxr-xr-x   2 nobody  other       3072 Oct 17 23:45 file
when it should return:
drwxr-xr-x   2 myname  other       3072 Oct 17 23:45 cgi-bin

How do I make PERL change the ownership of that file?  Yes it is a cgi-script off a web server.
0
 
LVL 1

Expert Comment

by:ghjm
ID: 1205468
If the cgi script is running under the account "nobody" then it does not have permission to create a file owned by "myname."  One thing that might help, if nobody and myname are in fact members of the same group (as you indicate), is to create the file or directory mode 0770 instead of 0700 (ie, rwxrwxr-x) - then you will be able to edit the file from your user account.
0
 

Author Comment

by:cide
ID: 1205469
Anyway to get it so I actually own the files?
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 1

Expert Comment

by:ghjm
ID: 1205470
I don't understand what you want besides what I've already given you. If you want the files to be owned by you, then the process that creates them has to run under your uid. If the process is running as nobody then the files will be owned by nobody.
0
 

Accepted Solution

by:
nvoxland earned 50 total points
ID: 1205471
If you run chmod 6755 on your cgi script it will run (and therefore output files) as whoever owns the script (you) rather than the user that is running the script (nobody).  Doing this does open some security holes in that if the script can now do anything you can do, but this shouldn't be too much of a problem as long as you aren't passing in dangerous parameters or are checking them before they are used.  
0
 

Author Comment

by:cide
ID: 1205472
I get the following error message when I try to chmod my files 6755:
501 CHMOD: Mode value must be between 0 and 0777
0
 

Author Comment

by:cide
ID: 1205473
Well I did the chmod through telnet rather then FTP and it seems to work only now some of my files that would write under the old premissions won't write anymore.  Any idea why?
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now