[1625] in WWW Security List Archive
Re: CGI Scripts and Permissions
daemon@ATHENA.MIT.EDU (Andrei D. Caraman)
Wed Mar 13 17:00:27 1996
Date: Wed, 13 Mar 1996 20:52:55 +0200 (EET)
From: "Andrei D. Caraman" <xax@arkenstone.pub.ro>
To: www-security@ns2.rutgers.edu
In-Reply-To: <01I28YPWJ5PKF5N8MY@dit.ie>
Errors-To: owner-www-security@ns2.rutgers.edu
On Tue, 12 Mar 1996 KGANNON@dit.ie wrote:
> If these question has been asked before excuse me I am new to the game.
>
> Has anyone had problems where they run all scripts as NOBODY (or something
> along those lines) and users start a war deleting each others
> databases,kill processes etc.
>
> If anyone has a non-wrapper based solution I would be interested in hearing
> ther input.
>
Why don't you make up a special user (say www) to run the httpd. This would
stop the users from going to war and it will also let you decide what the
daemon may / may not do.
Regards,
--
Andrei D. Caraman
Webmaster at Data Network Center - "Politehnica" University of Bucharest
xax@arkenstone.pub.ro http://www.pub.ro/~xax
