Top Document: FAQ: Frequently Asked Questions about CGI Programming Previous Document: 1.15 What is the "CGI Overhead", and should I be worried about it? Next Document: 1.17 What is CGIWrap, and how does it affect my program? See reader questions & answers on this topic! - Help others by sharing your knowledge Unix systems are designed for multiple users, and include provision for protecting your work from unauthorised access by other users of the system. The file permissions determine who is permitted to do what with your programs, data, and directories. The command that sets file permissions is chmod. Web servers typically run as user "nobody". That means that, setting aside serious bugs (such as those in certain versions of the Frontpage extensions), your files are absolutely secure from damage through the webserver. It also means that you may have to make explicit changes to enable the server to access them in a CGI context. There are two ways to run CGI: - by default they run as the webserver user (nobody) For most purposes this is safest, as your programs and data are protected by the operating system from unauthorised access through possible bugs in your CGI. However, when the CGI has to write to a file, that file must be writable to every web user on the system, and is therefore completely unprotected. - setuid, they run under your own userid. This means that files written by your CGI can be secure. On the other hand, any bugs in your CGI could now compromise *all* your programs and data on the server. As an elementary security precaution, scripts (e.g. Perl) are prevented from running setuid by most OSs. The "cgiwrap" program offers a workaround for this. A third way you should *never* permit CGI to be run is: - as root or setuid root, they can run as any user. This is extremely dangerous, as any bugs could compromise the entire server, including every user's files. Fortunately only the system administrator can install setuid root programs. If you are *at all* concerned about security, make sure that no such programs (in particular Frontpage extensions) are installed, regardless of whether you use them yourself. For a proper overview, "man chmod". Some modes that may be useful in a typical CGI context are: * CGI programs, 0755 * data files to be readable by CGI, 0644 * directories for data used by CGI, 0755 * data files to be writable by CGI, 0666 (data has absolutely no security) * directories for data used by CGI with write access, 0777 (no security) * CGI programs to run setuid, 4755 * data files for setuid CGI programs, 0600 or 0644 * directories for data used by setuid CGI programs, 0700 or 0755 * For a typical backend server process, 4750 Finally, if this answer tells you anything you didn't already know, don't even think about trying to set up a secure server! User Contributions:Top Document: FAQ: Frequently Asked Questions about CGI Programming Previous Document: 1.15 What is the "CGI Overhead", and should I be worried about it? Next Document: 1.17 What is CGIWrap, and how does it affect my program? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: Nick Kew <nick@webthing.com>
Last Update March 27 2014 @ 02:12 PM
|
Comment about this article, ask questions, or add new information about this topic: