On Mon, 18 Mar 2002 14:17:35 EST [EMAIL PROTECTED] wrote: > We have a product that at the moment uses a combination of CGI and mod_perl. > While in the future it will be totally ported to mod_perl, until we figure > out exactly how we'd like to overcome the 'expat' issues we're stuck with a > mixed-mode enviroment. > > Here however is the current problem. The cgi script under a specific set of > circumstances (signing up a new account) copies a directory using a fork to > the system's cp command and they're created as user: apache group: apache. > > I'm not by nature a linux mod_perl programmer and thus I'm not totally up on > the nuances of what I'm doing here. I needed a quick solution to copying a > template directory to a user directory when a new user account was created, > and since it happened only once during the user's process I figured a fork to > cp was worth the performance hit for the simplicity it provided. Single line > of code vs some directory recurison scheme. > > The problem is when I later try access the files or directories under either > mod_perl or the cgi process the server returns an error unless I set the > chmod to 777 on the files. This is obviously not good. > > I have done some looking into using $> before I write the file but I hadn't > found anything about using this under mod_perl ... let alone mod_cgi ... > except that generally it's a bad idea to setuid to root. um yeah ... I wasn't > gonna do that ... I just didn't want to give the world 777 access to files > that run under apache:apache. I also didn't want to follow bad with worse > implimenetation wise. > > Is there a simple secure method for copying a directory from a template > directory to a user directory and then giving access to the (new) user > directory?
You may want to look into useradd and /etc/skel on a Linux system. It has everything you are trying to accomplish handled automatically by using the standard Linux user creation techniques. No need to re-implement the wheel. :) --------------------------------- Frank Wiles <[EMAIL PROTECTED]> http://frank.wiles.org ---------------------------------
