Guestbook File Permissions
Any time we want a CGI script to write to a file on the web server, we have some security-related issues to consider. Because the CGI script typically runs as nobody or www or some other unprivileged user, it can’t normally make changes to a file owned by some other user (like our own user account, the one we’ve used for setting up the guestbook). There are at least three alternatives for solving this problem.
One solution is to have the guestbook file be owned by the same user as the web server process: nobody or www or whatever it is in this particular case. If we have access to a helpful system administrator we could have him do this for us. Or we could make the directory in which the data file is going to be created world-writeable (using chmod to set its permissions to 777), then run a special CGI script to create the guestbook file. After that we would reset the directory’s permissions to something more reasonable, like 755, which will still allow the guestbook script to add entries to the data file, but will prevent everyone else in the world from creating new files in the directory.
One problem with this approach is that it makes it harder for us to edit the guestbook file manually. We might want to add a reply to one of the guestbook entries, for example, or delete a specific entry. If the guestbook file is owned by the same account as the web server and isn’t world-writeable, we won’t be able to make changes to it easily.
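The end state of the first approach can be checked after the fact. The following POSIX shell audit is an added example, not code from the book: it flags a data directory that was left at 777 and a guestbook file that is not a regular file owned by the web server account. The directory, file path and account name are assumptions passed in as arguments.

```shell
#!/bin/sh
# Added example, not from the book. DIR, FILE and WEBUSER are assumed inputs,
# e.g.: sh audit.sh /path/to/data /path/to/data/guestbook.txt nobody

# True if "others" have write permission on PATH (find -prune tests PATH only).
world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 -print 2>/dev/null)" ]
}

# True if PATH is owned by USER (a name or a numeric uid).
owned_by() {
    [ -n "$(find "$1" -prune -user "$2" -print 2>/dev/null)" ]
}

# audit_guestbook DIR FILE WEBUSER
# Prints one finding per line. Returns 0 if clean, 1 on a finding, 2 if missing.
audit_guestbook() {
    dir=$1; file=$2; webuser=$3; rc=0
    if [ ! -d "$dir" ]; then echo "MISSING directory $dir"; return 2; fi
    if world_writable "$dir"; then
        echo "FAIL $dir is still world-writable (777 was not reset to 755)"
        rc=1
    fi
    # While the directory was open, any local user could create names in it,
    # so insist on a regular file rather than a symlink to somewhere else.
    if [ -L "$file" ]; then echo "FAIL $file is a symlink"; return 1; fi
    if [ ! -f "$file" ]; then echo "MISSING $file (not created yet)"; return 2; fi
    if ! owned_by "$file" "$webuser"; then
        echo "FAIL $file is not owned by $webuser"
        rc=1
    fi
    if world_writable "$file"; then
        echo "FAIL $file is world-writable"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK $dir and $file match the intended setup"; fi
    return "$rc"
}

if [ "$#" -eq 3 ]; then audit_guestbook "$@"; fi
```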
Another approach ...