On Thu, 2011-11-10 at 20:45 +0100, Terri I. wrote: > Craig White wrote in post #1031292: > > On Nov 10, 2011, at 11:08 AM, Terri I. wrote: > > > >> I have a task that I would like to have run automatically throughout the > >> day without user intervention (guessing I would use a cron job to run a > >> rake task). It will be reading in an RSS feed and using that data to > >> update a database. The application is secure, using https and requiring > >> user certs. So how do you go about having an automated task run with > >> basically the rights of the server, as opposed to passing in user > >> credentials? > > ---- > > cron tasks run as the user > > > > su - root > > crontab -e > > > > su - administrator > > crontab -e > > > > 2 different crontabs executed as each user > > > > Craig > > > Well, the root or administrator user don't have X509 certificates that > can be read in. Is there a different way to run code automatically > without requiring user credentials, that can only be called by the > server (such that a user couldn't hack in by entering the > controller/method in the URL)? > There's got to be a way of running server-type tasks that you don't want > users being able to launch. I'm sure I'm missing something simple > here... ---- correct me if any of these assumptions are wrong...
- everything essentially runs in user space (as some user) - generating 'user certificates' is under your control - you can generate a specific 'user' whose sole mission is to run this process - you have control over the web server and could use 'deny,allow' directives to only allow connections from localhost to that specific URL - you have a system capable of running curl Assuming these things to be true, it should be relatively simple to create a user, create a cron job for this user that runs a specific curl script that uses a client certificate to GET/POST a specific URL Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
