Skip to main content.
home | support | download

Back to List Archive

Re: CGI script to build Swish-E (without command

From: SRE <eckert(at)>
Date: Mon Oct 07 2002 - 07:18:42 GMT
At 07:49 PM 10/6/02, Bill Moseley wrote:
>You would not want to do chmod 777 on a shared server.

Not for long, anyway.

>I would want to check the UID of the executing script which I'd hope would
>be your UID, which would be the case if you are running in a suexec-type of
>CGI environment.  If it's not then it really is time to look for a new ISP.

We kicked this around before. The benefits and cost of my ISP outweigh
this little limitation (for which there are workarounds) and the user
community there is such that trusting them is reasonable.

I came up with a general solution that should work anywhere... 
and lots of folks are going to have different user or group IDs
when they create a file with FTP vs. when they create from a
CGI script. That's the reason for the wide-open protection...
I have the right to chmod but not to chown, and I don't own the
files or directories the CGI script creates.

Sigh. Life is a compromise!

But what do you think of the concept, even if it needs tweaking?

Received on Mon Oct 7 07:24:04 2002