-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/18/07 4:01 AM, Nick Holland wrote:
>> I plan to implement cgi. > > which means you probably (though not certainly) have an app which > requires the ability to write to files. If that is true, that means > you have negated at least some of the benefit of chrooting. You may > have to pull some tools into the chroot, that will also negate more > of the benefit of chrooting. At some point, you may do enough > damage to the chroot idea, it might not be worth fighting with > anymore. A related question from a cgi newbie: What are the best practices for writing responses to a form to a file within the chroot? I pulled just enough of perl into the chroot for a script to work, and write to a file in /var/www/tmp with permissions of 0640 and owner:group of www:bin. Anything else? thanks dn iD8DBQFGdp1tyPxGVjntI4IRAuENAJ90tc0VEmth1W4N9T/h2uuGep1mUwCglkF0 P43BLBWQFEwF/ZOgMmh0rLY= =pq6U -----END PGP SIGNATURE-----
