Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: System commands using CGI

by dsheroh (Monsignor)
on Dec 03, 2012 at 10:10 UTC ( [id://1006840]=note: print w/replies, xml ) Need Help??


in reply to System commands using CGI

Aside from 
use strict;
use warnings;

[download]
the next major point for debugging problems in web-related code is to check your web server's error log to find the error message generated when things went wrong.

In this particular case, I expect that you'll find an "access denied" error indicating that the user the web server runs as (probably "nobody", "apache", "httpd", or "www-data", depending on your OS and distribution) doesn't have permission to create or append to /var/www/cgi-bin/new.txt. The reason it works when you run it from the command line is that you have permission to create and write to that file, but the web server doesn't, so it fails when run by the web server.

If my guess as to the cause is correct, then the solution is to first create that file from the command line, then give the web server user permission to write to it. Do not give the web server user write permission to the entire /var/www/cgi-bin/ directory, as that would open up huge security holes allowing anyone who compromised one of your cgi-bin scripts to then create their own new scripts (or replace existing ones) on your machine.

Or, better, tell us what you're actually trying to achieve and we can probably find a way to do it that doesn't require allowing the web server process to write directly to files in potentially-sensitive locations.

Replies are listed 'Best First'.
Re^2: System commands using CGI
by nikhilB (Initiate) on Dec 03, 2012 at 10:55 UTC
    Thanks all for the response. I am trying to run a the perl script from the browser. The perl script is supposed to run some system level commands and print on the webpage. I figured out that the changes needed in the httpd.conf file and I was able to run some simple commands like ls and who from the browser. However I am unable to run the commands which require the root access for example useradd. Any idea what I need to do to execute the commands which require the root access ? Thanks, Nikhil.
[reply]
[reply]

      As Anonymous Monk pointed out, this is a bad idea. In fact, that is precisely why you can't do it: web servers are specifically set up to prevent that sort of thing.

      What do you want to do, anyway?



      When's the last time you used duct tape on a duct? --Larry Wall
[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1006840]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others contemplating the Monastery: (3)
As of 2024-04-25 19:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found