Geo Location extracted from visitors ip address

Νίκος Gr33k nikos at superhost.gr
Sat Jul 6 09:10:22 CEST 2013


Στις 6/7/2013 5:52 πμ, ο/η Dennis Lee Bieber έγραψε:
> On Sat, 06 Jul 2013 04:10:24 +0300, ????? Gr33k <nikos at superhost.gr>
> declaimed the following:
>
>>
>> But he cgi scripts when running have full access to the server.
>> No? or they only have the kind of access that their user has also?
>>
> 	In any decent system, the web server runs as a particular user, and
> only has access to the web content and scripts. And those scripts run as
> the web server process (at most -- it may be that they run at an even more
> restricted mode).
>
> 	So NO, they do NOT have access to stuff under /root; for ancient
> CGI-BIN style, they may be restricted to only the files in the CGI-BIN
> directory.
>
Thats why i was getting permission denied vene when i had +x
when i moved the geo.dat file to /home/nikos/geo.dat then the cgi python 
script was able to opened it.

It was some guy form hostgator.com that had told me that a python script 
has the same level of access to anything on the filesystem as its 
coressponding user running it, implying that if i run it under user 
'root' the python script could access anything.

Are you sure that python scripts run under Apache user or Nobody user in 
my case and not as user 'nikos' ?

Is there some way to test that?

-- 
What is now proved was at first only imagined!



More information about the Python-list mailing list