Solved

Permissions necessary for CGI to create files

Posted on 2001-07-17
5
177 Views
Last Modified: 2013-12-25
I would like to have a perl cgi script that will create a text file.  I found that my script can do this easily if the document root has full permissions (chmod 777) but I don't think that this is a good idea to leave full permission open, right? This is the basic structure of my web:

The absolute path is /home/sites/site1/users/~user1/

The web document root is /~user1/web/

location of cgi-bin is inside of /web like this
/~user1/web/cgi-bin/

My question is this, what should the permissions be for the document root and the cgi-bin to allow my cgi script to be able to create files and read files. I am using the HTTP_REFERRER env var to check and make sure the cgi-script can only be run from my site.

Thanks for your help
0
Comment
Question by:Sanju043097
5 Comments
 
LVL 10

Accepted Solution

by:
makerp earned 100 total points
ID: 6292848
cgi-bin needs read/execute rights

root needs write/read rights

never give write and execute writes to the same dir as if somebody uploads an exe/script they can execute it a trash the server. your cgi-bin dir should use another dir for writing files, in your case use your root
0
 

Author Comment

by:Sanju043097
ID: 6302810
Thanks makerp that did the trick
0
 
LVL 16

Expert Comment

by:maneshr
ID: 6697093
Sanju,

Since you have found the solution you wanted in the answer posted by makerp, please go ahead & award the points to makerp.

Thanks,
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 6697444
I am sorry to see that Asker has not returned to update and finalize this question.  I am, therefore, force accepting this question.  In the event the Asker returns with additional needs related to this question, please respond and continue the collaboration process.
Thank you,
Moondancer
Community Support Moderator @ Experts Exchange
0
 
LVL 1

Expert Comment

by:kodiakbear
ID: 6697450
Accepting makerp's comment as answer due to inactivity
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article covers the basics of the Sass, which is a CSS extension language. You will learn about variables, mixins, and nesting.
This article is meant to give a basic understanding of how to use R Sweave as a way to merge LaTeX and R code seamlessly into one presentable document.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question