Re: [users@httpd] Running cgi binaries as root

2012-01-26 Thread Mark Montague
On January 26, 2012 13:51 , Doug McNutt wrote: At 09:56 -0500 1/26/12, Mark Montague wrote, and I snipped a bunch: On January 26, 2012 2:50 , Tarzan Jane wrote: Concerning the security I believe when using binary scripts, security is increased some levels. Si

Re: [users@httpd] Running cgi binaries as root

2012-01-26 Thread Doug McNutt
At 09:56 -0500 1/26/12, Mark Montague wrote, and I snipped a bunch: >On January 26, 2012 2:50 , Tarzan Jane > wrote: > >>Concerning the security I believe when using binary scripts, security is >>increased some levels. Since the cgi binaries are no longer acsii file

Re: [users@httpd] Running cgi binaries as root

2012-01-26 Thread Mark Montague
On January 26, 2012 2:50 , Tarzan Jane wrote: Concerning the security I believe when using binary scripts, security is increased some levels. Since the cgi binaries are no longer acsii files, injecting or altering code is hardly possible. The only way to breach security is to replace the binar

RE: [users@httpd] Running cgi binaries as root

2012-01-25 Thread Tarzan Jane
; Subject: Re: [users@httpd] Running cgi binaries as root > > On January 24, 2012 9:00 , Tarzan Jane wrote: > > The scripts address IO-pins on the embedded system [...] If I run the > > scripts as root in the /var/www/cgi-bin directory all is fine. But > > when trying to

Re: [users@httpd] Running cgi binaries as root

2012-01-24 Thread Steve Swift
An alternative is to create a virtualhost to run URL's in the format http://server.name~root/cgi-bin/etc (I forget the technical term for these hosts run under the authority of the user in the ~root/ part of the URL). There may be restrictions on using user root though; I've never tried this. This

Re: [users@httpd] Running cgi binaries as root

2012-01-24 Thread Mark Montague
On January 24, 2012 9:00 , Tarzan Jane wrote: The scripts address IO-pins on the embedded system [...] If I run the scripts as root in the /var/www/cgi-bin directory all is fine. But when trying to run the scripts using Apache via a web page nothing happens. This is because the scripts are run

[users@httpd] Running cgi binaries as root

2012-01-24 Thread Tarzan Jane
I've installed Apache/2.2.9 on a Debian Embedded Linux system. On this embedded system I've compiled C programs to *binary* cgi scripts. These scripts are copied to the /var/www/cgi-bin directory and changed rights to 755. The scripts address IO-pins on the embedded system and for that rea