[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: opinion on shell cgi scripts

To: Gaby Vanhegan <gaby@vanhegan.net>, misc@openbsd.org
Subject: Re: opinion on shell cgi scripts
From: Wijnand Wiersma <wwiersma@gmail.com>
Date: Mon, 1 Nov 2004 12:25:08 +0100
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=qkyEJfsaIUnVF3zzPOnrBlAW09mN/TAB90EyviE3FlWwW9aI8aIIrZ34Zh6ZX39eTQtdUnuLTB2We9OcBMUqOffyTmzroV4qIUat02MXgTC4Lf6cnLU9C2SXi6QCjo/YY0c0X3rHN1x2iiGHbDse1XGZYuWPb4rj/HZTCiMP7Kc=
References: <41801A79.90008@mitc.net> <20041030122143.GH508@wooledge.org> <418619D6.4080701@vanhegan.net>

On Mon, 01 Nov 2004 11:11:18 +0000, Gaby Vanhegan <gaby@vanhegan.net> wrote:

> Out of interest, what's wrong with using something like:
> 
> system( "my.script.sh" );
> 
> In some Perl CGI or PHP?  Unless you give the script SUID permissions,

You can't make scripts suid, only binaries.

> it's never going to be able to run as anything other than the apache user.

Which can  be very bad on a shared hosting account, especially when
every website is served by the very same apache instance.

Follow-Ups:
- Re: opinion on shell cgi scripts
  - From: Johan SANCHEZ <johansz@free.fr>
- Re: opinion on shell cgi scripts
  - From: Wijnand Wiersma <wwiersma@gmail.com>

References:
- Re: opinion on shell cgi scripts
  - From: Gaby Vanhegan <gaby@vanhegan.net>

Prev by Date: 여성우대 카드대출!!!상담먼저 받으세요!
Next by Date: Re: throttling cpu speed to run cooler
Prev by thread: Re: opinion on shell cgi scripts
Next by thread: Re: opinion on shell cgi scripts
Index(es):
- Date
- Thread