
Re: [cgiapp] access permission


Hi,
thanks for your answer.


If your web server supports it, you could run the script setuid, but that would require a separate script for each user. Since we're talking about CGI::Application here, it would only require a separate instance script for each user, but that's still a hassle to manage if anything needs to be changed around in the instance script.

Alternatively, since you're trying to access mail files, can you get to them through a POP or IMAP interface? That way the CGI can authenticate to the POP/IMAP server--which should have permissions to read/write users' mbox files--and you get around the permissions problem.

Other than those two options, you'd have to do some fancy footwork to get it going. You could write your own server to act in place of the POP/IMAP server or write a setuid program that your CGI could talk to, but both open up a very messy can of worms from a security standpoint.

What is the function of the CGI overall? Also, what web server is this running under? A little more info might help me give you some better ideas.

First, the CGI gives me a list of mails in a folder (e.g. spam). Then I want to select some of them (false positives) and move them into the inbox. The second CGI is used to change some settings in user-specific files (e.g. enable/disable the spam filter by (un)commenting the relevant row).
Apache 1.3.26 is running as the web server under Debian Linux (woody).

Jan Dworschak
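
The IMAP route suggested in the quoted reply, applied to the spam-folder use case described above, as an added example (not code from this thread). It assumes Mail::IMAPClient is installed, an IMAP server on localhost, folders named `spam` and `INBOX`, and that each user gives the CGI their own mailbox credentials; the sub names are hypothetical.

```perl
use strict;
use warnings;
use Mail::IMAPClient;

# Assumed values for this example: adjust to the local mail setup.
my $IMAP_HOST   = 'localhost';   # same host, so the login stays off the network
my $SPAM_FOLDER = 'spam';
my $INBOX       = 'INBOX';

# Accept only plain decimal UIDs from the submitted form. One bad value
# rejects the whole selection, so form input never reaches the IMAP
# command line unchecked.
sub clean_uids {
    my @ok;
    for my $v (@_) {
        return unless defined $v && $v =~ /\A([1-9][0-9]{0,9})\z/;
        push @ok, $1;
    }
    return @ok;
}

# Move the selected false positives from the spam folder to the inbox,
# logged in as the mailbox owner. The IMAP server enforces who may touch
# which mailbox, so the web server's uid needs no access to the mbox files
# and no setuid script is involved. Returns the number of messages moved.
sub move_false_positives {
    my ($user, $password, @selected) = @_;
    my @uids = clean_uids(@selected)
        or die "invalid or empty message selection\n";

    my $imap = Mail::IMAPClient->new(
        Server   => $IMAP_HOST,
        User     => $user,
        Password => $password,
        Uid      => 1,    # address messages by UID, stable across sessions
    ) or die "IMAP connect/login failed\n";

    $imap->select($SPAM_FOLDER) or die "cannot select $SPAM_FOLDER\n";
    $imap->move($INBOX, \@uids) or die "move failed\n";
    $imap->expunge;   # move() copies, then flags the originals \Deleted
    $imap->logout;
    return scalar @uids;
}
```

In a CGI::Application run mode, the list from `$self->query->param(...)` for the checkbox field would be passed as `@selected`.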

