On Feb 6, 2004, at 1:19 PM, Ken Ray wrote:
chmod a+x some-script.mc chmod +s some-script.mc
Now some-script.mc should run as "ken", even if the web server is running the script as the user "www".
That worked really well, Alex...
Glad it worked! Apache suExec would be a better solution though.
Be warned that suid scripts are convenient, but can be dangerous on a multiuser system. If you don't trust everyone who has shell accounts on your machine, beware! It you trust them, or there aren't any then it should be fine. See
<http://www.pi.infn.it/html/cgisecdef.html#auto_7.5> <http://www.w3.org/Security/Faq/wwwsf4.html#CGI-Q20>
There is utility called CGIWrap which is just a tiny suid C program to launch your shell script- which avoids various security problems with suid scripts.
I was able to do this via Terminal and everything works fine now. Now I noticed that this was using bash and not tcsh; Panther automatically used bash in Terminal, but Jaguar was using tcsh and I had to run bash separately before I could apply your changes above.
I think Jaguar did not ship with bash installed. Can't remember for sure. In Panther bash is the default shell.
I guess tcsh must put some limits on suid bit setting, probably relating to the security issues I mentioned.
So two questions:
1) If I were to want to run the script above from Rev, how would I concatenate multiple commands in a single shell()?
Use semicolon to separate commands
chmod a+x some-script.mc ; chmod +s some-script.mc
Or if you want to run the 2nd script only if the 1st succeeds use an AND operator &&:
chmod a+x some-script.mc && chmod +s some-script.mc
2) If the OS is currently running tcsh, how would I add invoking bash before the script lines above using shell()?
set the shellCommand to "/bin/bash" -- or wherever
On Panther, /bin/sh is the same as /bin/bash
Try put shell("env") to see what shell is running, and other environment variables.
If you didn't want to change the shellCommand, you could do it like on the command line like
/bin/bash -c "commands here"
But using the shellCommand seems easier.
-- Alex Rice | Mindlube Software | http://mindlube.com
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
