I am trying to make a web program which is command line equivalent. i have done the coding in cgi program in perl and html for basic forms to take inputs. when i ran the program from web application i see permission denied messages. after analyzing i found apache is running as wwwrun which does not have access to /mydirectory
/mydirectory is owned by user "prd", i changed /etc/apache2/uid.conf as below and restarted apache and everything works perfect
#User wwwrun
User prod
#Group www
Group prd
My concern - Executing apache process as prd which is sudo user is smelling fishy and alternately i dont want to add wwwrun to prd group giving access to all wwwrun process
Any recommendations is highly appreciated - thank you
I would change the Apache user and group back to the original, then create a new group, add users prob and wwwrun to it, then change the group ownership of the /mydirectory directory to that group, change the permissions to rwx and set the SGID bit on it. Ideally, perhaps, you would want to create a new directory instead of using one owned by the prod user.