|
|
|
GIVE US A CALL!
(888) 826-4687
Toll Free U.S
(888) 222-6263
Toll Free Canada
(405) 236-8200
International Calls |
|
|
How and when should I use 'setuid'?
SUMMARY
Setuid is used to make a script run as the user that created it.
DETAILED SOLUTION
You can setuid a script by changing the permissions on it. The
command is "chmod +s scriptname.cgi". This will make the script
run with the permissions of the user that created it. Normally
a script runs as the user of the process that called that script.
For example, our webserver runs as the user "http". This means
that whenever a cgi script is executed from the web, that script
runs with the permissions of user "http". If the script tries to
write to a directory that is owned by the domains user, then it
will not be able to do so.
Setuid allows the scripts to run as the user that created it, so
in the example above the script would have permission to write to
a directory owned by that user.
Please make sure that you understand setuid can be dangerous. If
a script runs as your user and is not securely written, it could
expose your website to potential hacking attempts. Please be
careful if using setuid.
LINKS TO OTHER RESOURCES
|
|
Did you find the FAQ you were looking for?
|
|
|
 |
©1997 Animus Communications
|
|
