You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Ken Hilliard <ke...@seqid.com> on 2003/01/21 00:59:21 UTC

[users@httpd] File Access Rights

I wrote an Apache (Perl) CGI script running on Windows 2000 Server. My
script needs to generate graphics files and store them in a file. Under
Windows it looks like my script can read/write files into any directory.

I want to migrate to RedHat Linux. What are the rules concerning Apache CGI
programs with regard to creating and writing files? I read that Apache child
processes normally run as "nobody". How can I setup my Perl CGI script so
that it has a directory into which I can write files? Thanks in advance.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] File Access Rights

Posted by Jacob Coby <jc...@listingbook.com>.

> I wrote an Apache (Perl) CGI script running on Windows 2000 Server. My
> script needs to generate graphics files and store them in a file. Under
> Windows it looks like my script can read/write files into any directory.
>
> I want to migrate to RedHat Linux. What are the rules concerning Apache
CGI
> programs with regard to creating and writing files? I read that Apache
child
> processes normally run as "nobody". How can I setup my Perl CGI script so
> that it has a directory into which I can write files? Thanks in advance.

As the root user, run:

chown nobody.nobody /path/to/images
chmod 700 /path/to/images

that says that user nobody group nobody owns the /path/to/images directory
and that only it has read/write/execute (exec means it can look at the
directory in this context) to that dir.  You could also chmod 755 to say
that user nobody has read/write/exec and the rest of the world has read/exec
(so you can at least see whats being put there).

Once that's done, you just need to modify your perl script to put its files
in /path/to/images

-Jacob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org