On Wed, Feb 02, 2000 at 01:23:41PM +0100, Marek Habersack wrote:
> capabilities. My particular case was that I'm developing a WWW-based system
> for the users that have no shell access to the server and therefore cannot
> check what is their quota, disk usage etc. Now, to check that info the quota
> utility has to be ran either as root or as the user being checked. In my
> case, the process to examine the quotas is a CGI script written (for
> example) in C and I WON'T allow CGI execution as UID0 and change of UID to
> the target user's is out of the question since the httpd runs as its own
> user permamently and has no way to change its personality.
Why don't you have your CGI talk to a daemon (it could change users
and/or drop unneeded caps if you like) that can read the quotas?
Or have the daemon fork a child as the user performing the request?
You don't need any new kernel support for this.
Sean
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Feb 07 2000 - 21:00:07 EST