Python CGI question/issue

Harry George harry.g.george at boeing.com
Wed Aug 4 19:11:37 CEST 2004


candrade at gmail.com (Carlos Andrade) writes:

> I have a working python script that takes in content from a form,
> cleans it up, adds html formatting and then places it into my
> index.html page on my server.  When I had index.html set up as :
> -rw-rw-r--  1 carlos  wheel   3517 Aug  4 09:51 index.html
> I could not write back to the file,
> Traceback (most recent call last):
>   File "/usr/local/www/cgi-bin/bob.py", line 24, in ?
>     file=open("../data/index.html","w")
> IOError: [Errno 13] Permission denied: '../data/index.html'
> [Wed Aug  4 09:50:47 2004] [error] [client X.X.X.X] Premature end of
> script headers: /usr/local/www/cgi-bin/bob.py
> 
> and I though well shoot okay I need to make index.html -rw-rw-rw-,
> when then made me a little paranoid.  Is there a more simpler way to
> make it possible for me to write back to index.html?

The cgi is running as whatever the webserver is set for, probably
"nobody".  So it doesn't matter that you personally own the file.  The
cgi can only edit the file if "nobody" can do so.

Changing files on a website can be done many ways.  They have little
to do with python per se, though they can be done with python.

1. For fairly simple tasks, why not rewrite the app as a batch job,
   run it as you in a sandbox, and then copy the resulting html file
   to the web-visible docs dir.  That way you can control the
   permissions in the copy process.  If it is a remote site, and you
   need ftp, consider ftpmirror.py and similar tools.

2. You have almost described a Content Mgmt System (CMS), and
   something like zope plone might do what you want.  Or for ad hoc
   editing you consider a wiki (e.g., moinmoin).

3. webdav is the official mechanism for web editing.  I haven't tried
   it personally.

4. There is an apache module for changing user and group during a cgi.
   It comes with all kinds of dire warnings.

5. If you can run your own webserver, it can be run as you, and thus
   can control those files.  Better would be to make a totally new
   userid just for this task.

6. You could run your own web service, e.g., via Twisted.  As with a
   std webserver, it is better to have a separate userid for the task.


-- 
harry.g.george at boeing.com
6-6M21 BCA CompArch Design Engineering
Phone: (425) 342-0007



More information about the Python-list mailing list