Solved

Permissions necessary for CGI to create files

Posted on 2001-07-17
5
174 Views
Last Modified: 2013-12-25
I would like to have a perl cgi script that will create a text file.  I found that my script can do this easily if the document root has full permissions (chmod 777) but I don't think that this is a good idea to leave full permission open, right? This is the basic structure of my web:

The absolute path is /home/sites/site1/users/~user1/

The web document root is /~user1/web/

location of cgi-bin is inside of /web like this
/~user1/web/cgi-bin/

My question is this, what should the permissions be for the document root and the cgi-bin to allow my cgi script to be able to create files and read files. I am using the HTTP_REFERRER env var to check and make sure the cgi-script can only be run from my site.

Thanks for your help
0
Comment
Question by:Sanju043097
5 Comments
 
LVL 10

Accepted Solution

by:
makerp earned 100 total points
ID: 6292848
cgi-bin needs read/execute rights

root needs write/read rights

never give write and execute writes to the same dir as if somebody uploads an exe/script they can execute it a trash the server. your cgi-bin dir should use another dir for writing files, in your case use your root
0
 

Author Comment

by:Sanju043097
ID: 6302810
Thanks makerp that did the trick
0
 
LVL 16

Expert Comment

by:maneshr
ID: 6697093
Sanju,

Since you have found the solution you wanted in the answer posted by makerp, please go ahead & award the points to makerp.

Thanks,
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6697444
I am sorry to see that Asker has not returned to update and finalize this question.  I am, therefore, force accepting this question.  In the event the Asker returns with additional needs related to this question, please respond and continue the collaboration process.
Thank you,
Moondancer
Community Support Moderator @ Experts Exchange
0
 
LVL 1

Expert Comment

by:kodiakbear
ID: 6697450
Accepting makerp's comment as answer due to inactivity
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will show you how to create a ASP.NET Captcha control without using any HTTP HANDELRS or what so ever. you can easily plug it into your web pages. For Example a = 2 + 3 (where 2 and 3 are 2 random numbers) Session("Answer") = 5 then we…
SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now