http://www.perlmonks.org?node_id=520783

kprasanna_79 has asked for the wisdom of the Perl Monks concerning the following question:

Hi Monks,

Kindly ignore if its not a valid question. I am trying to open a file, which is present in my home directory(/home/prasanna).I am getting the file name from the user and concatinating it with the path.

My question is can we access the file outside the cgi-bin/htdocs directory.I think this is clear. But when i tried to open i couldnt able to open. Can any one help me

Update:-

I am using apache as my web server

-Prasanna.K

Replies are listed 'Best First'.
Re: opening a file using CGI
by ptum (Priest) on Jan 04, 2006 at 03:16 UTC
    The most likely problem is that the web user (the user under whose authority Apache is running) doesn't have authority to open a file in your home directory. But we can't tell, because you didn't show us the error message that the open() command produced. Please post a little code, and we can probably help you more effectively. :)

    No good deed goes unpunished. -- (attributed to) Oscar Wilde
[reply]
Re: opening a file using CGI
by sk (Curate) on Jan 04, 2006 at 03:26 UTC
    As mentioned by ptum the problem is likely due to file perm. I did this on my machine (Apache 2.0/Mod_perl) - 

    #!/usr/bin/perl -wT

use strict;
use CGI;
use CGI::Carp   qw/fatalsToBrowser/;

open (OUT, ">/no/perm/path/junkfile") or die $!;

print OUT ("hi there\n");

close(OUT);

    [download]

    I get this -

    Software error:

Permission denied at /var/www/html/perl/create.cgi line 7.

For help, please send mail to the webmaster (root@localhost), giving t
+his error message and the time and date of the error.

    [download]

    However when i changed the path to /tmp/junkfile (world-writeable for me) it works just fine. I guess if you turn on the fatalsToBrowser (turn it off for production) you will get more info. Also take a look at your apache logs!

    cheers

    SK

[reply]
[d/l]
[select]
Re: opening a file using CGI
by TedPride (Priest) on Jan 04, 2006 at 03:19 UTC
    Have you tried printing the path and checking to make sure it's valid? Keep in mind that opening a file requires the full path, not just the path from your hosting account.

    Also, if the file doesn't have the proper permissions, that may be blocking the read. If you're using the full path, and the path matches correctly, check permissions.

[reply]
Re: opening a file using CGI
by wink (Scribe) on Jan 04, 2006 at 03:21 UTC

    Yes to all of what ptum said.

    As a possible fix, you can change permissions on your home directory and the file(s) the web users will need to access. However, this may present a security risk on multiple levels.

[reply]
Re: opening a file using CGI
by vennirajan (Friar) on Jan 04, 2006 at 04:42 UTC
    Hi Prasanna,

          The most of the errors can happen with the permissions issues. I hope that you got enough information from the above replies. In addition to that , i want to add one more thing.

          In Redhat Linux Enterprise Edition - 4, we have some thing called as "Selinux". That is another extended linux security for linux files. That one also plays as important role in file permissions when using through apache. You can also find the enough information in "man selinux". You go through that page and give appropriate file permissions.



    Regards,
    S.Venni Rajan.
    "A Flair For Excellence."
                    -- BK Systems.
[reply]

Back to Seekers of Perl Wisdom