• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Apache permission problem

A

Armitage

Banned
I have a CGI script that generates a png image in the /tmp diorectory. But the apache server can't see it with either an absolute path, or a path relative to the document root. And the script can't write to anything in the document root.

Any suggestion? I suspect it's a Bad Idea to make the document root writable by Apache.
 
How are you trying to access it from apache? If you mean via request url, it'd be a huge security issue if you could get at things outside the docroot.

You could make a particular directory within the docroot writeable by the cgi script. It's not ideal, but sometimes you've got to do it. I mean, are you sure that there's nowhere else on the filesystem that apache can write anyways? (This is why I like the nice default chroot on openbsd, it's super-easy to audit what apache can access 🙂). Obviously it can write to /tmp anyway, which is probably worse than in the docroot because the docroot can be on its own slice/partition (for filling up the filesystem or setting noexec and such).
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top