[pgh-pm] Restricting File I/O in Apache
James O'Kane
jo2y at midnightlinux.com
Wed Feb 16 13:31:06 PST 2005

Hopefully I'll remember to give all the details of the scenario.

I'm trying to find a way to keep one cgi script from reading the contents
of any file that isn't owned by the same user. Very similar to PHP's
safe_mode.

There are a few oddities of our environment that have made things harder
to do. One is AFS. The scripts in question are stored in AFS. I'll need to
double check, but if I'm remembering correctly suexec and AFS don't play
nicely so that isn't a possibility.

http://stein.cshl.org/~lstein/sbox/ looks like it would almost work, but
it would require making a small filesystem in the user's home directory
for chroot to work, and most people's home directories have a 5M quota
that is outside of my control.

An idea I had was to do something with Apache::PerlRun and do some setup
before invoking the users' script. Ideally, I would need to write or find
something that intercepted open calls and checked permissions before
allowing them to happen. I'd like to avoid writing this myself because I'm
sure I would miss something.

Does anyone have any suggestions or notice anything I've left out?

thanks
-james
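
The open-interception idea described in the message above, sketched as an added example (not code from the original post or from Apache::PerlRun). It overrides Perl's open() via CORE::GLOBAL::open and checks the owner of the opened handle; `$ALLOWED_UID` is a hypothetical name, and the demo assumes the allowed owner is the effective uid and that `/etc/passwd` belongs to another user.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Errno qw(EPERM EACCES);
use File::Temp qw(tempfile);    # loaded before the override is installed

our $ALLOWED_UID;               # hypothetical name: the only file owner allowed

# CORE::GLOBAL overrides bind at compile time, so this must run before the
# code to be restricted is compiled.
BEGIN {
    $ALLOWED_UID = $>;          # assumption for the demo: effective uid
    *CORE::GLOBAL::open = sub (*;$@) {
        # Accept only 3-arg read into a fresh lexical handle; 2-arg open can
        # hide a mode or a pipe in the string, so it is refused outright.
        unless (@_ == 3 && !defined $_[0] && $_[1] eq '<') {
            $! = EPERM;
            return 0;
        }
        CORE::open(my $fh, '<', $_[2]) or return 0;
        # Check the owner of the handle we actually hold (fstat), not the
        # path, so a swap between check and open cannot fool it.
        my $uid = (stat $fh)[4];
        unless (defined $uid && $uid == $ALLOWED_UID) {
            close $fh;
            $! = EACCES;
            return 0;
        }
        $_[0] = $fh;            # @_ aliases the caller's variable
        return 1;
    };
}

# Constructed demo: one file we own, one owned by root on most systems.
my ($tmp, $own_path) = tempfile(UNLINK => 1);
print {$tmp} "constructed sample\n";
close $tmp;

for my $path ($own_path, '/etc/passwd') {
    if (open(my $in, '<', $path)) {
        print "allowed: $path\n";
        close $in;
    }
    else {
        print "refused: $path ($!)\n";
    }
}
```

This covers only open(): sysopen, system, backticks, require and do reach the filesystem without passing through the override, so it narrows access rather than enforcing it.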