bstrosberg at rcpsc.edu
Wed Jan 15 10:44:55 EST 2003
> Subject: [oclug]Perl Qs
> Couple of questions that should hopefully be easy.
> 1. I have a script run by my webserver (not under mod_perl)
> that needs to
> restart networking and the webserver. If I shutdown the
> server though,
> the script is terminated. I've thought about scheduling a
> cron job, but
> then I'd just have to delete it somehow, and this should be
> fairly idiot
> 2. How can I have a regex search for the contents of a variable, no
> matter what they are? Ie:
> $oldip = "CGI=HASH(0x86e5a60)->param('ip')";
> Doesnt work, but if I escape the ()' characters, it does.
> Not surprised,
> but I'm curious if there's some magic switch that can tell a regex to
> "just search for whatever's in the variable and don't bother trying to
> intelligently interpret anything in there."
You could have you web server CGI script write a value to a file on the
disk, which is then checked by the cron task. I.E., your cron task looks at
the file every x interval, and if the value is present in the file, run your
network restart, webserver restart and reset the value to it's null state.
This way the web server isn't trying to run things it doesn't have
priviledges to do, and the external cron script can be 100% out of reach of
the web server process owner.
Having the web server "own" scripts that can do things outside the bounds of
normal webserver CGI operation is dangerous. Doing things this way could
allow you to sandbox your CGI scripts and lessen priviledge elevation
worries. There will be some worry about a DOS hole if someone can
manipulate the file->value, but that's better than letting the script
execute stuff it shouldn't.
As far as the magic switch goes, double quotes cause values to be
interpolated, and single quotes cause the values to be taken literally.
Bill Strosberg, CISSP
More information about the OCLUG