[Chicago-talk] chown inside a script
Jason Rexilius
jason at hostedlabs.com
Wed Dec 5 20:59:14 PST 2007
No, thats a function of the OS.. It shouldnt allow you you to do that
without explicit suid..
By the way, suid access from CGI or web UI is very very dangerous.. You
had best really understand what you are doing from a security perspective.
Jay Strauss wrote:
> Thanks.
>
> But I don't think that will work in my case, because I'm doing it from
> a web page, I had to create an suid link to chown, to call from my
> cgi.
>
> Unless there is some way to do it from inside perl, but still change
> ownership of file not owned by the webserver.
>
> Thanks
> Jay
>
> On Dec 5, 2007 8:42 PM, Brian Katzung <briank at kappacs.com> wrote:
>>
>>
>> Jonathan Rockway wrote:
>>> On Wed, 2007-12-05 at 15:58 -0600, Andy Lester wrote:
>>>> system( 'chown', 'whoever', glob( '/home/blah/blah/whatever*' ) );
>>> BTW, chown is a builtin function:
>>>
>>> chown $uid, $gid, </path/to/files/*>
>>>
>>> Regards,
>>> Jonathan Rockway
>> Putting it all together (except for error checking :-),
>>
>> chown scalar(getpwnam "jblum"), -1,
>> glob("/opt/montrose/private/active/PROSPECT/07120415*");
>>
>> Programming by committee. We should qualify for government work. :-)
>>
>> - Brian
>>
>> --
>> Brian Katzung, Kappa Computer Solutions, LLC
>> Leveraging UNIX, GNU/Linux, open source, and custom
>> software solutions for business and beyond
>> Phone: 877.367.8837 x1 http://www.kappacs.com
>>
>>
>> _______________________________________________
>> Chicago-talk mailing list
>> Chicago-talk at pm.org
>> http://mail.pm.org/mailman/listinfo/chicago-talk
>>
> _______________________________________________
> Chicago-talk mailing list
> Chicago-talk at pm.org
> http://mail.pm.org/mailman/listinfo/chicago-talk
More information about the Chicago-talk
mailing list