Http server with authenticated user suexec cgi's
Hi All
I have been playing with scripts to implement some "intranet
functions" via a webrowser cgi interface.
However I quicky run into a problem with all cgi scripts running with
a single uid/gid (normally that of the apache server). To make things
work, I must give the httpd server user more rights than I want to
(or make the cgi's suid root).
What I am looking for is an httpd server + session manager that will:
- Serve a default login page.
- Authenticate a user via the system password files.
- Setup a session for that user and keep track of that session.
- Set the uid/gid of all cgi's launched on behalf of that user, to be
the uid/gid of that user.
The idea is to be able to write simple cgi's to do things like modify
a ".forward" file, or connect to a database with that user's gid/uid.
Has anybody been down this road before?
One idea, I notice that the ftp server always runs with the uid of
the user, once the user has been authenticated. I wonder if one
could use an ftp server to launch cgi scripts? Would the browser
still display the resulting html correctly?
Thanks
Ian
---------------------------------------------------------------------
Ian Forbes ZSD
http://www.zsd.co.za
Office: +27 21 683-1388 Fax: +27 21 674-1106
Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa
---------------------------------------------------------------------
Reply to: