Solved

Ownership problems with PERL.

Posted on 1998-10-17
8
174 Views
Last Modified: 2010-03-05
Hey,
    Whenever PERL creates a file on my server it's ownership is set to "nobody" instead of my name.  Now I don't own the server, but I know the owner enough so he'd make changes.  So how would I change it so I have ownership of the files without compermising security?

Thanks in Advance
0
Comment
Question by:cide
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 1

Expert Comment

by:ghjm
ID: 1205466
There has to be more to this than you're telling us. The process running the perl script must be suid nobody. If you want the files to be created owned by your account, the process will have to run suid you. Whether this is possible, or whether it will create a security compromise, very much depends on the details. Is this a cgi script for a Web server?
0
 

Author Comment

by:cide
ID: 1205467
When I telnet into my server and type ls -l it returns:
drwxr-xr-x   2 nobody  other       3072 Oct 17 23:45 file
when it should return:
drwxr-xr-x   2 myname  other       3072 Oct 17 23:45 cgi-bin

How do I make PERL change the ownership of that file?  Yes it is a cgi-script off a web server.
0
 
LVL 1

Expert Comment

by:ghjm
ID: 1205468
If the cgi script is running under the account "nobody" then it does not have permission to create a file owned by "myname."  One thing that might help, if nobody and myname are in fact members of the same group (as you indicate), is to create the file or directory mode 0770 instead of 0700 (ie, rwxrwxr-x) - then you will be able to edit the file from your user account.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:cide
ID: 1205469
Anyway to get it so I actually own the files?
0
 
LVL 1

Expert Comment

by:ghjm
ID: 1205470
I don't understand what you want besides what I've already given you. If you want the files to be owned by you, then the process that creates them has to run under your uid. If the process is running as nobody then the files will be owned by nobody.
0
 

Accepted Solution

by:
nvoxland earned 50 total points
ID: 1205471
If you run chmod 6755 on your cgi script it will run (and therefore output files) as whoever owns the script (you) rather than the user that is running the script (nobody).  Doing this does open some security holes in that if the script can now do anything you can do, but this shouldn't be too much of a problem as long as you aren't passing in dangerous parameters or are checking them before they are used.  
0
 

Author Comment

by:cide
ID: 1205472
I get the following error message when I try to chmod my files 6755:
501 CHMOD: Mode value must be between 0 and 0777
0
 

Author Comment

by:cide
ID: 1205473
Well I did the chmod through telnet rather then FTP and it seems to work only now some of my files that would write under the old premissions won't write anymore.  Any idea why?
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (http://dilbert.com/strips/comic/2007-08…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question