Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Ownership problems with PERL.

Posted on 1998-10-17
8
Medium Priority
?
177 Views
Last Modified: 2010-03-05
Hey,
    Whenever PERL creates a file on my server it's ownership is set to "nobody" instead of my name.  Now I don't own the server, but I know the owner enough so he'd make changes.  So how would I change it so I have ownership of the files without compermising security?

Thanks in Advance
0
Comment
Question by:cide
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 1

Expert Comment

by:ghjm
ID: 1205466
There has to be more to this than you're telling us. The process running the perl script must be suid nobody. If you want the files to be created owned by your account, the process will have to run suid you. Whether this is possible, or whether it will create a security compromise, very much depends on the details. Is this a cgi script for a Web server?
0
 

Author Comment

by:cide
ID: 1205467
When I telnet into my server and type ls -l it returns:
drwxr-xr-x   2 nobody  other       3072 Oct 17 23:45 file
when it should return:
drwxr-xr-x   2 myname  other       3072 Oct 17 23:45 cgi-bin

How do I make PERL change the ownership of that file?  Yes it is a cgi-script off a web server.
0
 
LVL 1

Expert Comment

by:ghjm
ID: 1205468
If the cgi script is running under the account "nobody" then it does not have permission to create a file owned by "myname."  One thing that might help, if nobody and myname are in fact members of the same group (as you indicate), is to create the file or directory mode 0770 instead of 0700 (ie, rwxrwxr-x) - then you will be able to edit the file from your user account.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:cide
ID: 1205469
Anyway to get it so I actually own the files?
0
 
LVL 1

Expert Comment

by:ghjm
ID: 1205470
I don't understand what you want besides what I've already given you. If you want the files to be owned by you, then the process that creates them has to run under your uid. If the process is running as nobody then the files will be owned by nobody.
0
 

Accepted Solution

by:
nvoxland earned 100 total points
ID: 1205471
If you run chmod 6755 on your cgi script it will run (and therefore output files) as whoever owns the script (you) rather than the user that is running the script (nobody).  Doing this does open some security holes in that if the script can now do anything you can do, but this shouldn't be too much of a problem as long as you aren't passing in dangerous parameters or are checking them before they are used.  
0
 

Author Comment

by:cide
ID: 1205472
I get the following error message when I try to chmod my files 6755:
501 CHMOD: Mode value must be between 0 and 0777
0
 

Author Comment

by:cide
ID: 1205473
Well I did the chmod through telnet rather then FTP and it seems to work only now some of my files that would write under the old premissions won't write anymore.  Any idea why?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Six Sigma Control Plans

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question