Sounds like something fo suexec http://httpd.apache.org/docs/2.2/suexec.html --- Declerck Michael-W30479 <W30479@xxxxxxxxxxxx> wrote: > Hello, > I have a problem with an Apache version 2.2 server > running a Perl script > on an Ubuntu 6.06 machine that creates and appends a > data-file. > Currently, the data-file exists one folder deep in > the document root. > Apache clients run as the user daemon in group > daemon. > When the data-file is created, the file ownership > and group is set to > daemon. > The problem with this is that every Apache client > runs as daemon, and > could simply guess the folder and data-file name, > thus displaying > sensitive information (like contact information of > other client's input) > that they shouldn't be able to see. > > I tried modifying the Perl script to put the file in > another folder > outside of the Apache root directory, fortunately > Apache denies > permission to all folders outside the document > root(with the right > configuration). > > The client should be able to view the index page, > input data, and run > the Perl script only. > The data-file should only be modifiable by the Perl > script, and unable > to be read, modified, or executed by daemon. > > If you have any advice or tips on this matter, I > would truly appreciate > your help. > > Michael DeClerck > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|