[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Running CGI script as a different User?

To: John <johnbt@iname.com>, pi3-users@johnroy.com
Subject: Re: Running CGI script as a different User?
From: Ang-Chih Kao <akao@MIT.EDU>
Date: Wed, 28 Oct 1998 00:59:22 -0500
In-Reply-To: <4.1.0.67.19981028121211.00dcf980@smtp.cyberway.com.sg>
References: <9810272143.AA27823@MIT.MIT.EDU><01BE01DB.B0925C00.ayy@k2.com.br>

Hi,

The problem is operating system not the web server. (well, yeah that too).
First off all, most web servers do not allow uploading and creation of
directories.  This is done through FTP, or a shell dialup account.  So,
that is not even in the realm of web servers.  Unixes (ie. Linux) are built
to limit the people's access (no writing outside their directory.  No
reading other people's stuff.  No damage to HD, etc. etc.).  I assume NT
can do some of this, but not most.

So, anyhow, you expect too much from a web server.  Perhaps, it's because
to tell you what a web server is.  A web server is also known as a httpd
(meaning http daemon).  Daemon basically means server.  So it is a http
server.  What is http?  It's a protocol to send files from a server (you)
to a browser (the viewer).  

It is not a file quota system management.  It is not a hard disk
management.  It is not a CPU management.  It is not a database management.
Shall I go on, or do I have a general idea what a web server is?

Your best bet is unix.  And yes there is a Pi3 version of Unix.  You should
also goto your local bookstore, and look for books on system management for
Unix and NT.

Also an important point to remeber: Most, if not all, web servers do not
support realm / authentication for each users directory.  This involves
access to the account / password files.  I believe IIS might be most likely
to have this.  But hell, anything is possible in Unix.

Think, before you ask.

At 12:13 PM 10/28/98 +0800, John wrote:
>Hi,
>
>I'll like to know whether it is possible for the web server to let me grant
>*limited* access for my users who wants to run cgi-bin or win-cgi
>executable programs.
>
>For example, if I grant them a cgi-bin directory:
>
>  c:/website/users/mary/cgi-bin
>
>I only want to allow Mary to be able to read/write anything in her own
>directory... her CGI executable cannot do anything such as format
>hard-disk, read/write *outside* her directory (but can create/write her own
>*SUB-DIRECTORIES*, ....  
>
>And of course, John would need to have cgi-bin
>
>  c:/website/users/john/cgi-bin
>
>whereby he only have rights to c:/website/users/john/cgi-bin and cannot
>read/write any other directories.
>
>The reason is that other users are running a database cgi in other
>directories, and I don't want users Mary or John to be able to snipe these
>users' databases away.
>
>I think the crux of this issue is whether Pi3 can execute CGI (cgi-bin,
>win-cgi or ISAPI, NSAPI scripts) as OTHER USERS other than the user in
>which Pi3 is started as.  Is that correct?
>
>This is the most important consideration for a buying decision.  I've tried
>other web servers but they cannot do the above.
>
>A bonus would be able to limit her CPU usage/hard-disk usage.... etc.  Is
>this possible?
>
>thanks,
>John 
>

References:
- Re: New user - How to configure PI3 to...
  - From: Ang-Chih Kao <akao@MIT.EDU>
- New user - How to configure PI3 to...
  - From: Alexandre Yuji Yamamoto <ayy@k2.com.br>
- Running CGI script as a different User?
  - From: John <johnbt@iname.com>

Prev by Date: Running CGI script as a different User?
Next by Date: About a Config file on a UNIX server
Prev by thread: Running CGI script as a different User?
Next by thread: Re: Running CGI script as a different User?
Index(es):
- Date
- Thread