Mailing List Archive

ModPerl Questions
Hi,

My Webserver is Apache/2.0.40 with Perl 5.8.0 and mod_perl-1.99_07-5 on a
RH9 box.

A simple perl script can see everything on the server. The sys user of
domain.com is xxx and home directory of this user is
/home/httpd/domain.com/htdocs. I want to make a setting, that the xxx user
can do something only in the homedirectory.

Is there a soluion?

--- dumy.pl ---
#!/usr/bin/perl

print "Content-type:text/html\n\n";

foreach my $var (sort keys %ENV) {
print $var . "=" . $ENV{$var} . "<br>\n";
}

@x = `cat /etc/passwd`;
print "<pre>";
print "@x";
print "</pre>";



--- in conf file ---

<Directory /home/httpd/domain.com/htdocs>
<IfModule mod_perl.c>
<Files ~ (\.pl)>
SetHandler perl-script
PerlHandler ModPerl::Registry
Options ExecCGI
allow from all
PerlSendHeader On
</Files>
</IfModule>



Best Regards
Cihangir


---------------------------------------------------------------------
To unsubscribe, e-mail: advocacy-unsubscribe@perl.apache.org
For additional commands, e-mail: advocacy-help@perl.apache.org
Re: ModPerl Questions [ In reply to ]
On Fri, 23 Dec 2005 15:06:21 +0200
"A. Cihangir Baltaci" <cbaltaci@turkisp.com> wrote:

> Hi,
>
> My Webserver is Apache/2.0.40 with Perl 5.8.0 and mod_perl-1.99_07-5
> on a RH9 box.
>
> A simple perl script can see everything on the server. The sys user of
> domain.com is xxx and home directory of this user is
> /home/httpd/domain.com/htdocs. I want to make a setting, that the xxx
> user can do something only in the homedirectory.
>
> Is there a soluion?

This isn't really the right list for this type of question, you want
to use the modperl@perl.apache.org list for this.

But the short answer, if I'm understanding your question correctly,
is yes and no. No in that there isn't any magic jailing code you
can include, but yes in the fact that if the user's perl script
is running as their user then while they may be able to SEE many
files they can't do anything with them due to the unix file
permissions.

---------------------------------
Frank Wiles <frank@wiles.org>
http://www.wiles.org
---------------------------------


---------------------------------------------------------------------
To unsubscribe, e-mail: advocacy-unsubscribe@perl.apache.org
For additional commands, e-mail: advocacy-help@perl.apache.org