[freeside] Billing and other questions

ivan ivan at 420.am
Tue Jun 6 14:37:05 PDT 2000


On Tue, Jun 06, 2000 at 09:38:30AM -0500, Thomas Charron wrote:
> Quoting Gordon Smith <gordon at isl.net.nz>:
> > I do have another suggestion, that you probably won't agree with. Thats
> > having the option of running freeside as the nobody user, rather than
> > using wrappers for the CGI scripts. If used with ssl and .htaccess, it
> > would still be quite secure. The problem with suexec is that the CGI
> > scripts must reside in the root web, not in sub-folders, although this
> > can be changed by hacking the source for suexec.
> 
>   This actually leads me to an additional question.  Why must the cgi scripts 
> actually RUN as the freeside user?  The pull their database data from the conf 
> files, etc, so the databse connection isn't the limiting factor, so, what is?

Filesystem access (including *reading* the configuration files), and ssh
access to remote systems.

-- 
meow
_ivan



More information about the freeside-users mailing list