Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

CGI Script Access Fails On Linux

 [1/5] from: tim:johnsons-web at: 21-Nov-2000 18:00


On Red Hat 6.2, I have the following script: #!/usr/bin/rebol -cs REBOL[] print "Content-Type: text/html^/^/" write %test.txt "second try" when run from the command line, this works as expected. when run as cgi, this fails with the following error message: ** Access Error: Cannot open /home/httpd/cgi-bin/test.txt. ** Where: write %test.txt "second try" All permissions to the directory are set to read, write and execute. Owner is set to nobody httpd.conf has the following lines: User nobody Group nobody Does anyone have any idea of what else I should do to make this work! BTW: print read %test.txt works. TIA Tim

 [2/5] from: tim:johnsons-web at: 21-Nov-2000 21:24


hmmmm! Now I have success.... I remapped cgi-bin to another directory. (other than /home/httpd/cgi-bin) Could it be that rebol has a security block to /home/httpd/cgi-bin ? I'd welcome other observations. :) Tim Same permissions. Tim Johnson wrote:

 [3/5] from: rebol:techscribe at: 21-Nov-2000 22:53


Hi Tim, you executed the script from the command line. A file test.txt was created. This file's owner is the username under which you were logged in at the time. User nobody cannot overwrite the file created by that user. That's why you're getting the error message. Remove the file and everything should work just fine. However, you absolutely should not make the user nobody the owner of the cgi-bin directory. Nor should "other" settings permit writing to the directory. That invites trouble. I set my cgi-bin settings to 751 (giving visitors only execute permission on the directory, i.e. they can enter it). Permission settings on the file are 755. What I do is I create a directory at the same level as cgi-bin (let's call that directory temp or something else), set the permissions of that directory to 777.Your script would have to say write %../temp/test.txt Hope this helps, Elan

 [4/5] from: rebol:techscribe at: 21-Nov-2000 22:56


Tim Johnson wrote:
> hmmmm! Now I have success.... > I remapped cgi-bin to another directory.
You're seeing ghosts, Tim. It has nothing to do with REBOL (read my chapter on CGI. What did I write it for ... ;-). In the new directory you did not have a file test.txt that had been created by running the script manually (vie command line). Therefore REBOL did not encounter a test.txt file whose owner and permission settings prevented REBOL from overwriting that file. (see my previous email :-). Take Care, Elan

 [5/5] from: tim::johnsons-web::com at: 22-Nov-2000 7:45


Hi Elan: I've known all along that it was a permissions not a rebol issue. BUT I don't know what you mean about seeing ghosts... <duh>that doesn't compute </duh> But as it is now.... Script set to 755 dir set to 511 writes to file as cgi OR command-line I'm not inclined to re-direct I/O just now, but will pursue this query further with my fellow (and more advanced LUG-nuts) regarding security issues. <Comment>Really like linux but <sigh>being one's own sysadmin is taking some getting used to </sigh></comment> Thanks Elan: Hope all is going well Tim Elan wrote: