Hi there,
The default setup of litespeed has a CGI context for ~/cgi-bin which allows files in this directory with proper permissions to get executed by the interpretor supplied on shebang line within the script. Now this allows arbitrary commands to get executed on the system. For example the supplied helloworld script uses /bin/sh.
I want users to be able to access only /usr/bin/perl. I tried removing the CGI context and associating .pl & .cgi scripts with CGI Daemon. But then realized that it serves no purpose as the interpreter is still taken from the shebang line. Is there no way to simply associate .pl & .cgi with perl binary and disallow arbitrary access on system?
Also what is the way to disable Perl from executing external commands? Like in php.ini we can disable functions like exec(), system() etc. How its done with Perl?
-Regards,
Akash
The default setup of litespeed has a CGI context for ~/cgi-bin which allows files in this directory with proper permissions to get executed by the interpretor supplied on shebang line within the script. Now this allows arbitrary commands to get executed on the system. For example the supplied helloworld script uses /bin/sh.
I want users to be able to access only /usr/bin/perl. I tried removing the CGI context and associating .pl & .cgi scripts with CGI Daemon. But then realized that it serves no purpose as the interpreter is still taken from the shebang line. Is there no way to simply associate .pl & .cgi with perl binary and disallow arbitrary access on system?
Also what is the way to disable Perl from executing external commands? Like in php.ini we can disable functions like exec(), system() etc. How its done with Perl?
-Regards,
Akash