Authenticating Linux system users from Apache/Web

Protecting your Linux box
Post Reply
sevensins
Havaldaar
Posts: 117
Joined: Tue Apr 13, 2004 1:45 pm
Location: PAKISTAN
Contact:
Contact sevensins

Authenticating Linux system users from Apache/Web

Post by sevensins »

AOA,
what I would want to do is to authenticate a linux user via web browser to a centain directory e.g http://domain.com/protected , the .htpasswd one I know but I want to run some cgi scripts that execute some bash scripts and need a valid linux user who is in the sudoers. So in short when the user access http://domain.com/protected/abc.cgi his system user should be passed so the cgi scripts executes and in it the command sudo service httpd restart can execute.

I added the apache user in sudoers and it works but I need the linux users..

Any help/suggestion would be much appreciated.
Regards,

-----------------------------------------------------------------
A wise monkey never monkies w/ another monkey's monkey!
Top
lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:
Contact lambda

Post by lambda »

i guess one way to do this would be to create a setuid root program that apache runs when it the user authenticates and hits abc.cgi. the setuid application will setuid(the-username's-uid) and then execute whatever script that needs to run as that user.

might be easier to do than messing with sudo.
Top
Post Reply

Return to “Security”