[thelist] Site Root & Document Root

Keith cache at dowebs.com
Wed Jul 4 17:05:43 CDT 2001 

> Keith  
>  
> One quick thought/question ... 
>  
> <SNIP> 
> > ...siteAdmin and the site's CGI, no one not even the serverAdmin. If 
> > you use 0666 to store files outside the domain path on a RaQ those 
> > files can be accessed by the serverAdmin, not a good thing if the 
> > serverAdmin is different from the siteAdmin. 
> </SNIP> 
>  
> can cgiWrap not read a files outside domain path with 0600 ? 
>  

That depends, Marcus. Unix permissions are not global,  0600 set by user xyz 
is a different set of permissions than  0600 set by user abc.  

Permissions are set for 0-owner-group-other. Suppose user  xyz can create, and 
therefore own, a file in the /root/  directory (the user named "root" would of 
course have to  give /root/ permissions for that). A CGI owned by user xyz  
would then be able to r/w that file in /root/ because xyz owns  both files. This 
logic extends throughout the entire server. A  CGI owned by xyz can r/w any file 
anywhere on the server if  the file is owned by xyz and has 0600 permissions. 

So the answere is, yes, IF the file outside of the domain  path is owned by the 
same user that owns the CGI that is  attempting to r/w that file. But the answere 
is no, IF the file is  owned by a user other than the owner of the CGI that is  
attempting to r/w that file.  

Caveat: xyz cannot r/w a file created by abc if the file has  0600 permissions, or 
even 0666 permissions, even if that  file is inside the domain (That's why you 
never allow two  siteAdmins for one site, and never upload files to a site as  the 
serverAdmin, even though both are technically possible  on a RaQ) 

This may seem weird if you are used to a regular Unix  server. This all makes 
sense though if you understand why  a RaQ has to use CGIWrap.  

On most Unix/Apache servers Perl runs as the user  nobody, the same user 
that Apache runs as. Therefore a  CGI activity is controlled by the "other" 
permission. On a  RaQ Perl also runs the Cobalt GUI that runs the server.  
Therefore Perl needs to r/w config files that are owned by  the user named 
"root". This would be a catastrophy waiting  to happen if left that way since a 
script in any domain could  r/w such files as httpd.conf.  

By forcing CGI through CGIWrap a CGI runs as the owner  of the file and by 
Cobalt/Apache config that owner must be a  siteAdmin. Therefore, CGI activity 
is controlled by the  "owner" permissions instead of by the "other" permissions.  
Although I don't use ASP or PHP, I understand that their  permission set on a 
RaQ is also through the "owner"  instead of "other".  

keith 

cache at dowebs.com
WebSitePad.com  
edit and manage your site from your browser

More information about the thelist mailing list