[pgh-pm] Restricting File I/O in Apache

James O'Kane jo2y at midnightlinux.com
Wed Feb 16 13:31:06 PST 2005


Hopefully I'll remember to give all the details of the scenario.

I'm trying to find a way to keep one cgi script from reading the contents 
of any file that isn't owned by the same user. Very similar to PHP's 
safe_mode.

There are a few oddities of our environment that have made things harder 
to do. One is AFS. The scripts in question are stored in AFS. I'll need to 
double check, but if I'm remembering correctly suexec and AFS don't play 
nicely so that isn't a possibility.

http://stein.cshl.org/~lstein/sbox/ looks like it would almost work, but 
it would require making a small filesystem in the user's home directory 
for chroot to work, and most people's home directories have a 5M quota 
that is outside of my control.

An idea I had was to do something with Apache::PerlRun and do some setup 
before invoking the users' script. Ideally, I would need to write or find 
something that intercepted open calls and checked permissions before 
allowing them to happen. I'd like to avoid writing this myself because I'm 
sure I would miss something.

Does anyone have any suggestions or notice anything I've left out?

thanks
-james
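One way to prototype the "intercept open calls and check ownership" idea in Perl, as an added example that is not code from the original post, from mod_perl, or from sbox. The package name Restricted::Open, the helper names and the $OWNER variable are assumptions. It overrides CORE::GLOBAL::open for every piece of code compiled after it is loaded, so it would go into a PerlRequire startup file that runs before Apache::PerlRun compiles the user's script:

```perl
package Restricted::Open;   # hypothetical module name, not from the post
# Added example, not code from the original post or from mod_perl/sbox:
# a CORE::GLOBAL::open override that refuses handles on files not owned
# by the uid the script is supposed to run as.  Load it before the user's
# script is compiled (e.g. `use Restricted::Open;` in a PerlRequire
# startup file); every open() compiled afterwards calls restricted_open().
use strict;
use warnings;
use Symbol ();
use Errno qw(EACCES);

# The uid files must belong to.  Without suexec the interpreter runs as
# the web server user, so $> is only a default; set this per request from
# the script file's owner (see set_owner_from_script) instead.
our $OWNER = $>;

sub set_owner_from_script {
    my ($script_path) = @_;
    my @st = stat($script_path) or die "cannot stat $script_path: $!";
    $OWNER = $st[4];                    # st_uid of the script file
}

# Check an already-open handle (stat on a handle is fstat(2)).  Testing
# the handle instead of the path closes the race between a path check and
# the open: whatever actually got opened is what gets inspected.
sub handle_is_owned {
    my ($fh) = @_;
    my @st = stat($fh) or return 0;
    return $st[4] == $OWNER;
}

# Write/append modes can create or truncate before a handle exists, so
# they are checked on the path first: refuse symlinks and foreign-owned
# files, allow paths that do not exist yet.  Still racy on its own, which
# is why the fstat check above runs after the open as well.
sub path_is_safe_to_write {
    my ($path) = @_;
    my @st = lstat($path);              # lstat: do not follow symlinks
    return 1 unless @st;                # absent: fine to create
    return 0 if -l _;                   # symlink: could point anywhere
    return $st[4] == $OWNER;
}

sub restricted_open (*;$@) {
    # Only the 3-argument form is allowed.  2-argument open parses the
    # mode out of the string ("|cmd" runs a command), and "-|", "|-" and
    # the "<&" dup forms are refused by the mode check below.
    if (@_ < 3) { $! = EACCES; return 0 }
    my ($mode, @rest) = @_[1 .. $#_];
    my $path = $rest[0];
    if ($mode !~ /^\s*(<|>|>>|\+<|\+>|\+>>)(:.*)?\s*$/) {
        $! = EACCES; return 0;
    }
    if ($mode =~ />/ && !path_is_safe_to_write($path)) {
        $! = EACCES; return 0;
    }
    # $_[0] must stay aliased so CORE::open can autovivify `open(my $fh,
    # ...)`.  A bareword handle arrives as a plain string and has to be
    # qualified into the caller's package, or it would open in this one.
    my $ok;
    if (defined $_[0] && !ref $_[0] && ref(\$_[0]) ne 'GLOB') {
        my $glob = Symbol::qualify_to_ref($_[0], scalar caller);
        $ok = CORE::open($glob, $mode, @rest);
        return $ok unless $ok;
        return 1 if handle_is_owned($glob);
        CORE::close($glob);             # opened something foreign: drop it
    } else {
        $ok = CORE::open($_[0], $mode, @rest);
        return $ok unless $ok;
        return 1 if handle_is_owned($_[0]);
        CORE::close($_[0]);
    }
    $! = EACCES;
    return 0;
}

*CORE::GLOBAL::open = \&restricted_open;
1;
```

In a startup file this would be `use Restricted::Open;` followed, per request (for example from a PerlInitHandler), by `Restricted::Open::set_owner_from_script($r->filename)`, so the comparison is against the owner of the script being run rather than the web server's uid. The limits are the ones the post already worries about: this only sees Perl-level open(), not sysopen, opendir, file tests, readlink, backticks, system/exec, XS code, or anything a child process does, so it is a guardrail for well-behaved scripts rather than a sandbox for hostile ones.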