[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Http server with authenticated user suexec cgi's

Hello Dustin 

On 2 Apr 2003 at 8:07, Dustin Douglas wrote:

> I don't know of anything that does everything that you want, but a
> good starting point might be the apache suexec docs. For apache 1.3.x
> they can be found at http://httpd.apache.org/docs/suexec.html
> 
> Implementing the desired functionality is left as an exercise to the
> reader.

Apache suexec will not do this. This runs the cgi scripts with the 
uid of the "owner" of the website, where there are many websites with 
many "owners" on the same server.

I am looking for a system to run the cgi scripts with the uid of the 
authenticated user. Ie, one server, one web site, many system users 
each running the cgi's with their own uid.

This is the same security situation as a user logging in via a telnet 
prompt and running system utilities like "ls" or "vi". Except I want 
the user to login via a web page and run cgi's to make things more 
user friendly.


Regards

Ian

---------------------------------------------------------------------
Ian Forbes ZSD
http://www.zsd.co.za
Office: +27 21 683-1388  Fax: +27 21 674-1106
Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa
---------------------------------------------------------------------
Reply to: