?
Solved

Permissions necessary for CGI to create files

Posted on 2001-07-17
5
Medium Priority
?
184 Views
Last Modified: 2013-12-25
I would like to have a perl cgi script that will create a text file.  I found that my script can do this easily if the document root has full permissions (chmod 777) but I don't think that this is a good idea to leave full permission open, right? This is the basic structure of my web:

The absolute path is /home/sites/site1/users/~user1/

The web document root is /~user1/web/

location of cgi-bin is inside of /web like this
/~user1/web/cgi-bin/

My question is this, what should the permissions be for the document root and the cgi-bin to allow my cgi script to be able to create files and read files. I am using the HTTP_REFERRER env var to check and make sure the cgi-script can only be run from my site.

Thanks for your help
0
Comment
Question by:Sanju043097
5 Comments
 
LVL 10

Accepted Solution

by:
makerp earned 400 total points
ID: 6292848
cgi-bin needs read/execute rights

root needs write/read rights

never give write and execute writes to the same dir as if somebody uploads an exe/script they can execute it a trash the server. your cgi-bin dir should use another dir for writing files, in your case use your root
0
 

Author Comment

by:Sanju043097
ID: 6302810
Thanks makerp that did the trick
0
 
LVL 16

Expert Comment

by:maneshr
ID: 6697093
Sanju,

Since you have found the solution you wanted in the answer posted by makerp, please go ahead & award the points to makerp.

Thanks,
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6697444
I am sorry to see that Asker has not returned to update and finalize this question.  I am, therefore, force accepting this question.  In the event the Asker returns with additional needs related to this question, please respond and continue the collaboration process.
Thank you,
Moondancer
Community Support Moderator @ Experts Exchange
0
 
LVL 1

Expert Comment

by:kodiakbear
ID: 6697450
Accepting makerp's comment as answer due to inactivity
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Suggested Courses
Course of the Month13 days, 8 hours left to enroll

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question