[sf-perl] How to get cgi program to invoke another program as a specific non-privileged user
Ray Baxter
ray at warmroom.com
Sat May 19 15:59:47 PDT 2007
David Alban wrote:
> Any suggestions on how to accomplish this without making the build
> tool setuid?
1) Have the cgi touch a file.
2) Have the build script user run a cron job every few minutes. Check to
see if the sentinel file exists and that there is not a build in
process, then delete the file and start the build.
Elaborations on this idea: put the e-mail or other user id in the
sentinel file. Check to see if that user has permission to request a
build if that makes sense. Send them e-mail when the build is completed.
Allow for the possibility that two users will have requested a build
since the last build.
Ray
More information about the SanFrancisco-pm
mailing list