CGI Uploads: Perl, Apache, and Permissions

I'm creating an web site that is basically an easy-to-use ftp program generated in html by perl. I'm using Linux, and I've created a user specifically for owning all the files/folders involved in the project.

I've noticed that running the upload CGI script from the http:// . . . /~username/ directory uploads the files with a default owner:group as username:username. However, I've set up a virtual host name to point to that same user directory. When running the same file upload CGI from that virtual host web page the files don't actually save to the folders. I've found that that's because the owner:group is now set to apache:apache, and the apache user and group do not have permissions set to write to these folders. So if I make the folders world-writable the files will upload. That will not do.

Now I've been reading about suexec and how it works, and I've got the idea of how it works. I've set the permissions to the suexec file to 4755, and have set the SuexecUserGroup tag into the appropriate virtual host directory in httpd.conf. Now, it seems to work fine. . . the httpd daemon starts up fine, and the main pages for this virtual host open in web browsers no sweat. But when those CGIs try to run no way. I get 500 errors. Even if I set the default cgi-bin folder in the httpd.conf to be a folder owned by this user I get browser 500 errors.

The only solution that I can think of, but really don't want to do, is set the group ownership for all these files/folders to apache. I would rather get this suexec thing working properly. I would love any suggestions any of you have to offer.

 

 

 

 

Top