Cron Scripts, Spam Assassin And Testing

[wolvesb]

After getting over my unease at leaving my address book for the world to see, I am the proud owner of yet-another squirrel mail installation, thanks to the instructions on here.

 

Now I just need to tweak spam assassin to do some learning (too much spam getting through).

 

So I take the handy scripts, and try to run them through PHP -- bad idea, since PHP doesn't have the permissions (?shouldn't php run as the user, not as nobody?)

 

From a search, I now know that I need "cron". That's all well and good, and I can get cron to run the handy scripts, but... Is there any way to test that the scripts are working (ie, that I have the path right and all?) Its unnerving to set them to run frequently and hope that everything is right, no typos anywhere. Is there some option to "run job now"?

 

The solutions for testing cron jobs (from a search of the forum) were PhpShell - which appears to now be banned, and wouldn't work anyway since it'd run at server permissions, not user permissions.

 

Out of curiousity, does any form of CGI run as the user and not as the webserver? Is it possible to do User-SetUID CGI-Perl?

[TCH-Bruce]

I believe if you create a folder named "scgi-bin" and placed the script in that folder it will run as you and not nobody.

[wolvesb]

I believe if you create a folder named "scgi-bin" and placed the script in that folder it will run as you and not nobody.

<{POST_SNAPBACK}>

 

Wow! Thanks. That looks like exactly like what I wanted!

 

Is there any "convenient" way to run PHP under this? I'd llike to run my squirrelmail install as myself rather than nobody. it seems I could do that by changing all the filenames to .cgi and prepending #!/bin/php to it, but that seems like a decent amount of work.

[TCH-Bruce]

I would just install it the usual way. If there are problems with ownership after the installation you can open a support ticket with the help desk and ask them to change the ownership to your account.

[wolvesb]

I would just install it the usual way.  If there are problems with ownership after the installation you can open a support ticket with the help desk and ask them to change the ownership to your account.

<{POST_SNAPBACK}>

 

I have Squirrel mail insteaded the usual way at the moment.

 

I still have this nagging feeling that having 777 permissions to my address book directory.

And having the files owned by nobody, so I can't read/back them up, is odd.

 

I had this "clever" idea:

Pick a subdirectory, call it mysqmail/

Modwrite everything to a SCGI-BIN script

Sanitize the URL to remove any ".."

include the sanitized URL (ie, php file) from a directory that is outside public_html

 

Would this work? I'm trying to find an example of the url sanitation, because its security and I don't like to get that wrong..