* [gentoo-user] Way OT - Can user apache become other users? @ 2006-04-14 3:29 Michael Sullivan 2006-04-14 13:27 ` [gentoo-user] " Michael Sullivan 0 siblings, 1 reply; 5+ messages in thread From: Michael Sullivan @ 2006-04-14 3:29 UTC (permalink / raw To: gentoo-user If the shell assigned to user 'apache' is "/bin/false", can user apache become other users via su or sudo? What I want to do is create a web-based website editor, similar to the one geocities.com offers. I need a way to store the website editor in a central location where it will be available to all users, but the users need to be able to save the files they create/edit in their own web space (in this case under ~/webspace/html). I want the users to be able to log in with their Linux usernames and passwords. I"ve written to a couple of PHP lists about this, but none of them have answered me. Is there anything in portage that will do this, so I don't have to write it myself? I've waded through a lot of descriptions of scripts other people have written, but none of them seemed to allow authenticating against the users and passwords already established on the system... -- gentoo-user@gentoo.org mailing list ^ permalink raw reply [flat|nested] 5+ messages in thread
* [gentoo-user] Re: Way OT - Can user apache become other users? 2006-04-14 3:29 [gentoo-user] Way OT - Can user apache become other users? Michael Sullivan @ 2006-04-14 13:27 ` Michael Sullivan 2006-04-21 18:19 ` Michael Sullivan 0 siblings, 1 reply; 5+ messages in thread From: Michael Sullivan @ 2006-04-14 13:27 UTC (permalink / raw To: gentoo-user On Thu, 2006-04-13 at 22:29 -0500, Michael Sullivan wrote: > If the shell assigned to user 'apache' is "/bin/false", can user apache > become other users via su or sudo? What I want to do is create a > web-based website editor, similar to the one geocities.com offers. I > need a way to store the website editor in a central location where it > will be available to all users, but the users need to be able to save > the files they create/edit in their own web space (in this case under > ~/webspace/html). I want the users to be able to log in with their > Linux usernames and passwords. I"ve written to a couple of PHP lists > about this, but none of them have answered me. Is there anything in > portage that will do this, so I don't have to write it myself? I've > waded through a lot of descriptions of scripts other people have > written, but none of them seemed to allow authenticating against the > users and passwords already established on the system... Someone on one of my PHP lists wrote back and told me that I needed to make php with phpsuexec, but I don't see that as one of the USE flags. Is it called something else in Gentoo? -- gentoo-user@gentoo.org mailing list ^ permalink raw reply [flat|nested] 5+ messages in thread
* [gentoo-user] Re: Way OT - Can user apache become other users? 2006-04-14 13:27 ` [gentoo-user] " Michael Sullivan @ 2006-04-21 18:19 ` Michael Sullivan 2006-04-21 20:11 ` [gentoo-user] OT - unusual USE flag possibilities [WAS: Re: Way OT - Can user apache become other users?] Michael Sullivan 0 siblings, 1 reply; 5+ messages in thread From: Michael Sullivan @ 2006-04-21 18:19 UTC (permalink / raw To: gentoo-user On Fri, 2006-04-14 at 08:27 -0500, Michael Sullivan wrote: > On Thu, 2006-04-13 at 22:29 -0500, Michael Sullivan wrote: > > If the shell assigned to user 'apache' is "/bin/false", can user apache > > become other users via su or sudo? What I want to do is create a > > web-based website editor, similar to the one geocities.com offers. I > > need a way to store the website editor in a central location where it > > will be available to all users, but the users need to be able to save > > the files they create/edit in their own web space (in this case under > > ~/webspace/html). I want the users to be able to log in with their > > Linux usernames and passwords. I"ve written to a couple of PHP lists > > about this, but none of them have answered me. Is there anything in > > portage that will do this, so I don't have to write it myself? I've > > waded through a lot of descriptions of scripts other people have > > written, but none of them seemed to allow authenticating against the > > users and passwords already established on the system... > > Someone on one of my PHP lists wrote back and told me that I needed to > make php with phpsuexec, but I don't see that as one of the USE flags. > Is it called something else in Gentoo? I take it from the fact that no one has responded to this question that suexec is not possible in PHP on Gentoo. Is there some other language I can do this project in, such as perl or ruby, or anything freely available on Gentoo for that matter that would allow my users to use a web-based website editor and save the files to their own webspace? -- gentoo-user@gentoo.org mailing list ^ permalink raw reply [flat|nested] 5+ messages in thread
* [gentoo-user] OT - unusual USE flag possibilities [WAS: Re: Way OT - Can user apache become other users?] 2006-04-21 18:19 ` Michael Sullivan @ 2006-04-21 20:11 ` Michael Sullivan 2006-04-21 21:29 ` Neil Bothwick 0 siblings, 1 reply; 5+ messages in thread From: Michael Sullivan @ 2006-04-21 20:11 UTC (permalink / raw To: gentoo-user On Fri, 2006-04-21 at 13:19 -0500, Michael Sullivan wrote: > On Fri, 2006-04-14 at 08:27 -0500, Michael Sullivan wrote: > > On Thu, 2006-04-13 at 22:29 -0500, Michael Sullivan wrote: > > > If the shell assigned to user 'apache' is "/bin/false", can user apache > > > become other users via su or sudo? What I want to do is create a > > > web-based website editor, similar to the one geocities.com offers. I > > > need a way to store the website editor in a central location where it > > > will be available to all users, but the users need to be able to save > > > the files they create/edit in their own web space (in this case under > > > ~/webspace/html). I want the users to be able to log in with their > > > Linux usernames and passwords. I"ve written to a couple of PHP lists > > > about this, but none of them have answered me. Is there anything in > > > portage that will do this, so I don't have to write it myself? I've > > > waded through a lot of descriptions of scripts other people have > > > written, but none of them seemed to allow authenticating against the > > > users and passwords already established on the system... > > > > Someone on one of my PHP lists wrote back and told me that I needed to > > make php with phpsuexec, but I don't see that as one of the USE flags. > > Is it called something else in Gentoo? > > I take it from the fact that no one has responded to this question that > suexec is not possible in PHP on Gentoo. Is there some other language I > can do this project in, such as perl or ruby, or anything freely > available on Gentoo for that matter that would allow my users to use a > web-based website editor and save the files to their own webspace? I found www-apache/mod_suphp, which seems to be what I need. It has several USE flags which I am unfamiliar with, such as mode-force, mode-owner, mode-paranoid, etc. Is there a way that I could find out what these flags mean? They are not in /usr/portage/profiles/use.desc... -- gentoo-user@gentoo.org mailing list ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-user] OT - unusual USE flag possibilities [WAS: Re: Way OT - Can user apache become other users?] 2006-04-21 20:11 ` [gentoo-user] OT - unusual USE flag possibilities [WAS: Re: Way OT - Can user apache become other users?] Michael Sullivan @ 2006-04-21 21:29 ` Neil Bothwick 0 siblings, 0 replies; 5+ messages in thread From: Neil Bothwick @ 2006-04-21 21:29 UTC (permalink / raw To: gentoo-user [-- Attachment #1: Type: text/plain, Size: 461 bytes --] On Fri, 21 Apr 2006 15:11:16 -0500, Michael Sullivan wrote: > Is there a way that I could find out > what these flags mean? They are not > in /usr/portage/profiles/use.desc... Are they in /usr/portage/profiles/use.local.desc? Either way, reading the ebuild will show you which configure options these flags control. -- Neil Bothwick If the pen is mightier than the sword, and a picture is worth a thousand words, how dangerous is a fax? [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 191 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2006-04-21 21:41 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2006-04-14 3:29 [gentoo-user] Way OT - Can user apache become other users? Michael Sullivan 2006-04-14 13:27 ` [gentoo-user] " Michael Sullivan 2006-04-21 18:19 ` Michael Sullivan 2006-04-21 20:11 ` [gentoo-user] OT - unusual USE flag possibilities [WAS: Re: Way OT - Can user apache become other users?] Michael Sullivan 2006-04-21 21:29 ` Neil Bothwick
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox