Mailing list home
  Find posts   Help

Latest messageRecent messages

Other threads:
 Prev: Email Error
 Next: Area bug?

 Random thread

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
16-Apr 20:53 UTC
[0.105] 14.541k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

CGI directory access questions

 [1/6] from: jason:cunliffe:verizon at: 4-Sep-2002 19:15


Rebol CGI Permissions 101 I guess.. I can now upload files happily via http, using Andreas' multipart/form script. But still need help understanding how basic file and directory permissions work from rebol CGI. Example: When I login and run my %testupdir.r script from the bash shell it works OK: ---------------------- #!/home/rebol/rebol -cs REBOL [] print "Content-type: text/html^/^/" message: "hello testing writing to a directory via cgi script" append message rejoin [newline read %. " " now/time] updir: %uploads/ filename: %testupdir.txt filepath: join updir filename write filepath message ; does not work from CGI ;write filename message ; works from CGI quit ---------------------- Login and then running script manually from REBOL shell works too, but I get security prompt:
>> now
== 4-Sep-2002/18:44:08-4:00
>> do %testupdir.r
REBOL - Security Check: Script requests permission to open a port for read/write on: /web/turbulence/www/Works/trees/vanilla/uploads/testupdir.txt Yes, allow all, no, or quit? (Y/A/N/Q) Y
>> read %uploads/testupdir.txt
== {hello testing writing to a directory via cgi script 18:44:27longpath} BUT, when I call it as CGI directly in a browser url, it returns this error: ** Access Error: Cannot open /web/turbulence/www/Works/trees/vanilla/uploads/testupdir.txt ** Where: do-boot ** Near: write filepath message However, if I change script above instead to write into the current directory, then its OK! Q1: What do I need to do to so my script has permissions to run from CGI and read/write into a subdirectory? Q2: Why does it work ok as bash shell executable, but needs manual confirmation in REBOL shell. Q3: What options are there for controlling these permissions? Q4: What checks can I run in rebol CGI scripts to check permission first for directories => create, read, or write thanks ./Jason

 [2/6] from: carl:cybercraft at: 5-Sep-2002 17:56


Hi Jason, My guess would be that your problem isn't a CGI-specific one, but just a case of REBOL's standard security level settings. REBOL runs in a sandbox, and any attempt to access files outside of it causes a warning. See "Security Issues" in the Core Guide's "Operation" section here... http://www.rebol.com/docs/core23/rebolcore-2.html for how to alter the security levels. Hope that puts you on the right track. Carl. On 05-Sep-02, Jason Cunliffe wrote:
> "Rebol CGI Permissions 101" I guess.. I can now upload files happily > via http, using Andreas' multipart/form script. But still need help
<<quoted lines omitted: 44>>
> thanks > ./Jason
-- Carl Read

 [3/6] from: jason:cunliffe:verizon at: 5-Sep-2002 6:33


> My guess would be that your problem isn't a CGI-specific one, but just > a case of REBOL's standard security level settings. REBOL runs in a
<<quoted lines omitted: 4>>
> for how to alter the security levels. > Hope that puts you on the right track.
Thanks Carl, I have tried all the obvious permutations already using 'secure, including changing he bangpath with my script to: #!/home/rebol/rebol -c --secure allow Then it simply prints "REBOL" to the browser. and does nothing else.. My guess is that the problem is a bit of both [CGI and 'secure]. The script works OK as an executable, but not from CGI, when writes into another current directory. Q: Is it possible to write to another directory via CGI? I can't find anything about this, nor in any CGI script examples so far.. This wonderful but addictive x-internet language really needs better internet documentation. ./Jason

 [4/6] from: gscottjones::mchsi::com at: 5-Sep-2002 9:25


From: "Jason Cunliffe"
> I have tried all the obvious permutations already using 'secure, including > changing he bangpath with my script to: > > #!/home/rebol/rebol -c --secure allow > Then it simply prints "REBOL" to the browser. and does nothing else..
Hi, Jason, I haven't been following this thread closely, but in case you haven't tried it, you may wish to try: #!/home/rebol/rebol --cgi -s If I recall correctly (which is a big "if" :-), one of the REBOL platforms had a bug that required the -c to be "spelled out" to "--cgi". I remember it was the only thing that worked about 16 months ago for me (but I've slept at least 500 times since then, so my memory may be at fault!). --Scott Jones

 [5/6] from: jason:cunliffe:verizon at: 5-Sep-2002 11:38


> I haven't been following this thread closely, but in case you haven't tried > it, you may wish to try: > #!/home/rebol/rebol --cgi -s
Hi Scott Thanks. Nice try.. --cgi -s << No. script just hangs. -cs << It works, but only for read+write in the *current* directory. Unless there is some other incantation using 'secure I am suspecting it might be only possible when the cgi script is owned by apache. However I did find a healthy looking example of the sort thing I ma needing to do: http://www.reboltech.com/library/html/cgicomment.html REBOL [ Title: "CGI Web Page Comment Poster" Author: "Carl Sassenrath" Date: 14-Sep-1999 File: %cgicomment.r Purpose: {Allows viewers to add comments to a web page. (needs webcomment.r to create example forms file).} ...snip code... ;-- The file name of the article is provided in a hidden input ; field within the HTML of the article. Use this string to ; build the path to the file from CGI dir. Remember that the ; file must have write permissions if you want add comments. file: join %../web/ cgi/file ;-- Create the text of the new comment from the CGI input. ; If the type is code, then display it as preformated TTY. new-comment: make-comment cgi/from now either cgi/type = "code" [ rejoin ["<pre>" cgi/comment </pre>]][cgi/comment] ;-- Read the HTML file, add the newest comment to it, and write ; it out. An HTML comment is used to mark where it goes. page: read file insert find page <!--comments--> new-comment write file page Carl notes "Remember that the file must have write permissions if you want add comments." To be sure, I set my target "uploads" folder writable to all: drwxrwxrwx 2 jasonic jasonic 4096 Sep 3 11:46 uploads There are images I have uploaded via http: -rw-r--r-- 1 apache apache 10644 Aug 30 18:37 test.jpg and for comparison, a file which was generated by script from bash shell, not cgi: -rw-rw-r-- 1 jasonic jasonic 69 Sep 4 18:44 testupdir.txt So this may be entirely an Apache thing. What I am need to determine is how much control I have within REBOL, to fix this situation. any ideas? ./Jason

 [6/6] from: andreas:bolka:gmx at: 5-Sep-2002 19:05


Thursday, September 5, 2002, 12:33:24 PM, Jason wrote:
> Q: Is it possible to write to another directory via CGI?
Of course it is - if you're allowing the CGI to do so. I guess you've a unix rights problem - you'd better have a look wether the CGI is allowed to write to your target directory. -- Best regards, Andreas mailto:[andreas--bolka--gmx--net]
Notes
  • Quoted lines have been omitted from some messages.
    View the message alone to see the lines that have been omitted