From owner-freebsd-questions  Thu Apr  2 10:30:54 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA03614
          for freebsd-questions-outgoing; Thu, 2 Apr 1998 10:30:54 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from dove.peace.com.my (peace.com.my [202.184.153.15])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA03486
          for <freebsd-questions@FreeBSD.ORG>; Thu, 2 Apr 1998 10:30:45 -0800 (PST)
          (envelope-from panda@peace.com.my)
Received: from lovebox (love.com.my [202.184.153.17])
	by dove.peace.com.my (8.8.5/8.8.5) with SMTP id CAA00422
	for <freebsd-questions@FreeBSD.ORG>; Fri, 3 Apr 1998 02:13:51 +0800 (SGT)
Date: Fri, 3 Apr 1998 02:13:51 +0800 (SGT)
Message-Id: <3.0.32.19980403023610.009a1ad0@peace.com.my>
X-Sender: panda@peace.com.my
X-Mailer: Windows Eudora Pro Version 3.0 (32)
To: freebsd-questions@FreeBSD.ORG
From: chas <panda@peace.com.my>
Subject: How can CGI script execute root commands or edit root-owned
  files ?
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Since a CGI script is executed with Nobody's (the web
server's) privilegies, how it can run Administrator 
commands like useradd ?

One suggestion I've had was running the webserver
as root but this seems to be considered
not a good thing by and large. I was just looking
at updating user records and DNS records in such
a manner.

Cheers,

Chas

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message