[99465] in RedHat Linux List

Re: UID for CGI program

daemon@ATHENA.MIT.EDU (Ed Lazor)
Sat Nov 14 15:05:10 1998

From: "Ed Lazor" <osmosis@navicom.net>
To: <redhat-list@redhat.com>
Date: Sat, 14 Nov 1998 12:03:38 -0800
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com

>I want to write to any directory I want. What user can I use (I'm the
>root)?
>Will files in /tmp be deleted once Linux is shut down?


There's an account on your Linux box called "nobody".  The account
"nobody" is used to run the web server.  The web server "inherits"
the same rights as the user account "nobody".  Since the web user
is running with "nobody"'s UID, any programs that are run from
the web server also "inherit" "nobody"'s permissions.

It's done this way for security.  Since anyone can access the web
server program, it's like letting everyone have access to your "nobody"
account.  The result - you want to limit what they can do.

It's not an attempt at limiting what you can do as root on your system.
It's just protecting you from what others could do.  Basically, you don't
want your CGI programs to be able to access everything and anything
on your computer unless you don't mind everyone in the world (hackers
included) being able to go in and do whatever they want to your system.

-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
		http://www.redhat.com http://archive.redhat.com
         To unsubscribe: mail redhat-list-request@redhat.com with 
                       "unsubscribe" as the Subject.
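
The UID inheritance described in the message above, turned into an audit: this added Python example (not part of the original post) lists the directories an unprivileged account such as "nobody" could write to, judged from the Unix mode bits. The function names, the directory names and the made-up web account are assumptions, and the tree is constructed for the demonstration.

```python
import os
import shutil
import tempfile

def class_bits(st, uid, gids):
    """rwx triplet that applies to the account: owner, else group, else other."""
    if uid == 0:
        return 7                      # root bypasses mode bits
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def writable_dirs(root, uid, gids):
    """Directories under root where the account could create or delete files.

    Mode bits only: ACLs, read-only mounts and SELinux are not considered.
    """
    found = []
    for dirpath, dirnames, _ in os.walk(root):
        bits = class_bits(os.stat(dirpath), uid, gids)
        if bits & 3 == 3:             # needs write (2) and search (1)
            found.append(os.path.relpath(dirpath, root))
        if not bits & 1:              # no search bit: nothing below is reachable
            dirnames.clear()
    return sorted(found)

def demo():
    """Constructed tree, audited for its owner and for a made-up web account."""
    root = tempfile.mkdtemp()
    try:
        os.chmod(root, 0o755)
        layout = {"cgi-bin": 0o755, "uploads": 0o777,
                  "private": 0o700, "private/cache": 0o777}
        for name in layout:
            os.mkdir(os.path.join(root, name))
        for name, mode in layout.items():
            os.chmod(os.path.join(root, name), mode)
        st = os.stat(root)
        owner = writable_dirs(root, st.st_uid, {st.st_gid})
        # Hypothetical "nobody"-style account: neither owner nor in the group.
        web = writable_dirs(root, st.st_uid + 1, {st.st_gid + 1})
        return owner, web
    finally:
        shutil.rmtree(root)

if __name__ == "__main__":
    print(demo())
```

For the web account only `uploads` is reported: `private/cache` is mode 777 but sits under a directory the account cannot search, so a CGI program running with that UID never reaches it.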
