Dean Michael C. Berris wrote:
Are you running the script as root on the command line?
See, when you invoke the script from the web, apache/[your http server] runs it as a different user -- therefore the script can only do what the user which invoked it can do or have access to. Unless of course apache/[your http server] is running as UID 0, which is a very VERY bad idea. ;)
So if the user cannot access
Advice: please don't make scripts that are SUID root and invoke the script via http/remote automatic invocation, and therefore a very VERY insecure practice. Just my $0.02 worth. :D
Glenn Remot wrote:
gurus:
i have a cgi script that's trying create a directory in my /home. upon execution through web i see this errors on my kernel:
transition kernel: audit(1110532977.680:0): avc: denied { write } for pid=24221 exe=/usr/bin/perl name=/ dev=sdb1 ino=2 scontext=root:system_r:httpd_sys_script_t tcontext=system_u:object_r:home_root_t tclass=dir
when i try to execute the script from the command line, i get no errors.
has anybody experienced a similar problem.
i'm using RH EL 4 kernel 2.6.9-5
thanks and GOD bless.
glenn -- Philippine Linux Users' Group (PLUG) Mailing List plug@lists.q-linux.com (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
my permissions are fine sir. i'll try to dig in deeper. ^_^ -- Philippine Linux Users' Group (PLUG) Mailing List plug@lists.q-linux.com (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
