Discussion:
[devinfo] Stupid dev cgi question
John Crisp
2017-12-13 13:32:07 UTC
I'm messing with some code in a cgi-bin directory.

I wanted to query the config DB but seem to be hung up on permissions.

I have vaguely the following:

test.cgi

use CGI;
use utf8;
use strict;
use warnings;
use esmith::ConfigDB;

my $configDB = esmith::ConfigDB->open_ro or die("can't open Config DB");

If I then access test.cgi with a browser I get the following in my logs.

can't open Config DB....

I can run it fine from the CLI.

I presume this is because the script via the browser is being run as www
and not root.

So any idea how I can get this to run from the browser?

B. Rgds
John
_______________________________________________
Server Development Discussion
To unsubscribe, e-mail devinfo-***@lists.contribs.org
Searchable archive at https://lists.contribs.org/mailman/public/devinfo/
Daniel Berteaud
2017-12-13 13:42:49 UTC
Post by John Crisp
I'm messing with some code in a cgi-bin directory.
I wanted to query the config DB but seem to be hung up on permissions.
test.cgi
use CGI;
use utf8;
use strict;
use warnings;
use esmith::ConfigDB;
my $configDB = esmith::ConfigDB->open_ro or die("can't open Config DB");
If I then access test.cgi with a browser I get the following in my logs.
can't open Config DB....
I can run it fine from the CLI.
I presume this is because the script via the browser is being run as www
and not root.
Exactly
Post by John Crisp
So any idea how I can get this to run from the browser?
You can suid the script (chown root:www and chmod 750 and chmod u+s) but
it won't work on SME10 as perl-suid is gone. The alternative is to use a
C wrapper, which is itself suid, and which calls the perl script.
Note that in any case, there can be a security impact, as the script will
run with very high privileges.

++
--
*Daniel Berteaud*

FIREWALL-SERVICES SAS.
Free Software Services Company
Tel: 05 56 64 15 32
Matrix: @dani:fws.fr
www.firewall-services.com
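
Added example, not part of the thread and not SME Server code: a sketch of the suid C wrapper described in the reply above, limited to the parts that matter for the security impact it mentions (fixed target, no argument passthrough, allowlisted environment, Perl taint mode). The script path, the perl path and the list of CGI variables are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical path: the thread does not say where the Perl script lives. */
#define TARGET "/usr/local/libexec/test-cgi.pl"
#define MAX_ENV 16

/* CGI variables the script is assumed to need; everything else is dropped,
 * including LD_*, PERL5LIB, PERL5OPT and the caller's PATH. */
static const char *const ALLOW[] = {
    "REQUEST_METHOD=", "QUERY_STRING=", "CONTENT_LENGTH=", "CONTENT_TYPE=",
    "SCRIPT_NAME=", "REMOTE_ADDR=", "SERVER_NAME=", NULL
};

/* Copy only allowlisted variables from `in` to `out`, then append a fixed
 * PATH. Returns the number of entries written (excluding the final NULL). */
int build_clean_env(char *const in[], char *out[], int cap)
{
    int n = 0;
    for (int i = 0; in && in[i]; i++)
        for (int j = 0; ALLOW[j]; j++)
            if (strncmp(in[i], ALLOW[j], strlen(ALLOW[j])) == 0 && n < cap - 2) {
                out[n++] = in[i];
                break;
            }
    out[n++] = "PATH=/usr/bin:/bin";
    out[n] = NULL;
    return n;
}

extern char **environ;

int main(void)
{
    char *clean[MAX_ENV];
    /* Fixed argv: nothing from the request reaches the command line.
     * -T forces taint mode so the script must validate request data. */
    char *const args[] = { "/usr/bin/perl", "-T", TARGET, NULL };

    build_clean_env(environ, clean, MAX_ENV);
    /* Make real ids match effective ids so perl sees no suid mismatch. */
    if (setgid(getegid()) != 0 || setuid(geteuid()) != 0) {
        perror("setuid");
        return 1;
    }
    execve(args[0], args, clean);
    perror("execve");
    return 1;
}
```

The compiled binary, not the Perl script, would carry the ownership and suid bit given in the reply; the script itself should be writable only by root.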
John Crisp
2017-12-13 14:41:28 UTC
Post by Daniel Berteaud
Post by John Crisp
I presume this is because the script via the browser is being run as www
and not root.
Exactly
Guessed so.
Post by Daniel Berteaud
Post by John Crisp
So any idea how I can get this to run from the browser?
You can suid the script (chown root:www and chmod 750 and chmod u+s) but
it won't work on SME10 as perl-suid is gone. The alternative is to use a
C wrapper, which is itself suid, and which calls the perl script.
Note that in any case, there can be a security impact, as the script will
run with very high privileges.
That fixed it!

Warning noted, thanks. This is on a non-public server for testing so
should be OK :-)

I was looking at a simple panel file and wanted to test some responses.

Is there a safer way to test cgi files?
John Crisp
2017-12-17 07:20:17 UTC
Kk. We'll try it thanks
Post by John Crisp
Post by John Crisp
I was looking at a simple panel file and wanted to test some responses.
Post by John Crisp
Is there a safer way to test cgi files?
Don't bother any longer with the CGI module. Use Mojolicious. Very nice to
work with, and comes with a built-in test capability.
http://mojolicious.org/perldoc/Mojolicious/Guides/Tutorial#Testing
You can also do black box testing using the command line to generate responses.
http://mojolicious.org/perldoc/Mojolicious/Command/get
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
John Crisp
2017-12-19 08:16:26 UTC
Is the perl-Mojolicious rpm in a repo somewhere?
Jean-Philippe Pialasse
2017-12-21 04:26:38 UTC
smedev repo

Jean-Philippe Pialasse DC PhD
Post by John Crisp
Is the perl-Mojolicious rpm in a repo somewhere?