On 7/27/05, Atte Peltomaki <atte.peltomaki@xxxxxxxxxxxx> wrote: > > > I'm trying to implement such scenario where a cgi script would be run as > > > the user that just authed against the local passwd. This way the cgi > > > script would have the same rights as the local user does. > > > > > > Anyone have any ideas how to pass the login information to suexec? > > > > If you mean HTTP authentication login, then it can't be done. This > > would violate suexec's security model. It only runs scripts based on > > their owner. > > > > You can look at cgiwrap, which is a little more flexible. But I doubt > > it will do this either. > > It didn't seem like cgiwrap would be able either. Any other ideas, > anyone? Last resort is to sourcedive for the http auth login bit, and > hook it to a homebrewn cgiwrapper, or a modified version of > suexec/cgiwrap. But this is a lot of work, perhaps too much for what it > would achieve. look into sudo. (The reason there is no easy way to do this is because it can easily create a massive security hole if it is not done extremely carefully.) Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|