Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Allowing CGI script to read directory?

Status
Not open for further replies.

jb53403

Programmer
Jun 23, 2010
3
US
I'm writing a CGI script in UNIX that needs to be able to read the contents of a directory /foo/bar on the server. The problem I'm running into is the 'nobody' user doesn't have permission to read /foo/bar.

# This doesn't work...
my @configs_glob = glob("/foo/bar/*.ini");

# Permissions of /foo/bar directory...
drwxrwsr-x

My attempted solution was to have a little "listdir" script with SUID set, so "listdir" would execute as the owner of /foo/bar, thereby having permission to read /foo/bar.

# This is my attempted solution...
my @configs_glob = `listdir '/foo/bar/*.ini'`;

# Contents of "listdir" script...
directory=$1
ls $directory

# Permissions of "listdir" are: -rwsr-xr-x
# Owner of "listdir" is same as owner of /foo/bar

If I throw a little "whoami" command in the "listdir" script, it returns 'nobody'. My knowledge of SUID must be lacking. Any help?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top