Very very bad idea! Never run a network accessible daemon as root. Any vulnerability in the daemon will allow an attacker or worm root access to your machine.
Go the other direction and assure that the program you are calling has the necessary permissions set for the user running the daemon. Chgrp on the program to a new group and add the daemon user to that group. At the very most, if your called program requires root (like ping) then you can set-uid the program to root. Still very bad but not as bad as running the entire daemon as root. Set-uid article written by Jay Beale of Bastille Linux - Look at the 'Lessening the Risk' section http://networking.earthweb.com/netsecur/article.php/624001 You should consider putting your webserver in a chroot jail and copying or statically compiling what you need in that chroot'd environment http://www.acme.com/software/thttpd/notes.html#chroot -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of PRASANTH M P Sent: Monday, April 26, 2004 3:20 AM To: [EMAIL PROTECTED] Cc: Bruce Hudson Subject: [Perl-unix-users] (no subject) Hi , Your favorable reply was so helpful for me to solve the problem.The main problem was that the user which the webserver is running and he had not the permission to execute the command.So I simply use the -u option to specify the user of thttpd webserver and the complete command to start thttpd webserver is thttpd -d /home/prasanth/web-site/web -u root -c **.cgi -l slog. Now it is working fine. Thanks, Prasanth _______________________________________________ Perl-Unix-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs _______________________________________________ Perl-Unix-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
