From: Joe Z. <joe...@za...> - 2004-12-08 17:26:00

Sylvain MEILARD wrote:

>>Sylvain MEILARD wrote:
>>
>>>I think it won't be easy... Apache should have reading right on backed-up
>>>files.
>>>
>>Or something in the web interface needs elevated privileges, like a
>>setuid program that is limited to only extracting the directory listing.
>>
>Yes, it could be a better solution. This program could be owned by
>root:apache, with execution right for the group, and no right for others.
>Apache should only use it to read directory used for backup. It would be very
>simple and fast to write it in C. If you lack time, I'm ready to do it. It
>would simply consist in using opendir(), readdir(), stat() ? and closedir().
>[...]
>

You'll have to dig into the source code to see where to hook in the setuid
program. I'm not very familiar with the web interface portion.

>>>For now, what happens if a user tries to restore files on which he has no right?
>>>
>>If he can select the file to restore in the bobs interface, cmdloop will
>>restore it.
>>
>But the user can see all files and dirs on which apache has reading right,
>even if the user himself has no right on it, isn't it? And he also could
>restore it, still with no right?
>

Yes, that's right. The only thing the user needs is the password for the
bobs interface.
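
Added example, not part of the original message or the BOBS source: a sketch in C of the listing-only helper the thread proposes, built on opendir(), readdir() and a stat call, that refuses any path resolving outside the backup root. The `BACKUP_ROOT` path and the function names `confined` and `list_dir` are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700
#include <dirent.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

#define BACKUP_ROOT "/var/bobs/backups" /* hypothetical path (assumption) */

/* Return 1 if `requested` canonicalizes to `root` or below; fills `resolved`. */
int confined(const char *root, const char *requested, char *resolved)
{
    char r[PATH_MAX];
    if (!realpath(root, r) || !realpath(requested, resolved))
        return 0; /* nonexistent path or unresolvable link: refuse */
    size_t n = strlen(r);
    /* Prefix match plus a component boundary: /backups must not match /backups-old. */
    return strncmp(r, resolved, n) == 0 &&
           (r[n - 1] == '/' || resolved[n] == '/' || resolved[n] == '\0');
}

/* Print "type name" for each entry; return the entry count, or -1 if refused. */
int list_dir(const char *root, const char *requested, FILE *out)
{
    char path[PATH_MAX];
    struct dirent *e;
    struct stat st;
    int count = 0;
    DIR *d = confined(root, requested, path) ? opendir(path) : NULL;
    if (!d)
        return -1;
    while ((e = readdir(d)) != NULL) {
        /* Skip . and ..; stat relative to the open dir without following symlinks. */
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..") ||
            fstatat(dirfd(d), e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0)
            continue;
        fprintf(out, "%c %s\n", S_ISDIR(st.st_mode) ? 'd' : '-', e->d_name);
        count++;
    }
    closedir(d);
    return count;
}

int main(int argc, char **argv)
{
    return (argc == 2 && list_dir(BACKUP_ROOT, argv[1], stdout) >= 0) ? 0 : 1;
}
```

The path can change between realpath() and opendir(), so the check is only sound if the calling user cannot write inside the backup tree. The helper confines listings to the backup root but does not check the rights of the individual user of the web interface, which is the gap discussed at the end of the message.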