[sf-perl] How to get cgi program to invoke another program as a specific non-privileged user
shift8
shift8 at digitrash.com
Sat May 19 19:47:28 PDT 2007
apache 1.2+ has its own suExec that allows for cgi's *in the home
directory of a given user* to run as that user - i've used it before,
but long ago. it does work:
http://httpd.apache.org/docs/1.3/suexec.html
apache 2.0 has a like module:
http://httpd.apache.org/docs/2.0/mod/mod_suexec.html
On Sat, 2007-05-19 at 15:59 -0700, Ray Baxter wrote:
> David Alban wrote:
> > Any suggestions on how to accomplish this without making the build
> > tool setuid?
>
> 1) Have the cgi touch a file.
>
> 2) Have the build script user run a cron job every few minutes. Check to
> see if the sentinel file exists and that there is not a build in
> process, then delete the file and start the build.
>
> Elaborations on this idea: put the e-mail or other user id in the
> sentinel file. Check to see if that user has permission to request a
> build if that makes sense. Send them e-mail when the build is completed.
> Allow for the possibility that two users will have requested a build
> since the last build.
>
> Ray
>
>
>
> _______________________________________________
> SanFrancisco-pm mailing list
> SanFrancisco-pm at pm.org
> http://mail.pm.org/mailman/listinfo/sanfrancisco-pm
>
--
Mechanize something idiosyncratic.
More information about the SanFrancisco-pm
mailing list