"Beau E. Cox" wrote: > Hi - > > I have a script (simple server) that can be used by > others remote to me. For security I would like to > 'become' (assume the permissions) of a specified, > under-privileged user before listening to the > outside world - much like Apache 'becomes' the > user/group specified in the http.conf file. > > I admit, I'm lost... CPAN 'user' modules seem to > concentrate on looking at/manipulating users, > not changing into one. > > I would like to do this in a 'portable' way, > (nix and Win32). > > Before I delve into the Apache source, is there > somewhere else to look? > > Aloha => Beau;
Hi Beau, Is this CGI? If so, you should definitely not have to artificially reduce privileges. Web clients generally are treated as the world or Everyone object, with lowest privileges. Your script itself should have the level of privileges which its group is entitled to. For instance, if I have a private folder adjacent to my web folder, the material therein will not be available to the web user directly. But my script will be able to access it and mediate any changes made in response to user input. Somehow, it seems to me that this leaves it to the application to determine which options to offer any given user. For that purpose, you would probably want to use the admin software. As for providing elevated privileges for logged-in users, I know that NT systms do have a Run As... feature, so there should be a Perl interface to that out there. Joseph -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
