CGI? #5

Closed
opened 2020-06-14 22:42:35 +00:00 by krixano · 4 comments

I was gonna ask if molly-brown supported CGI, but then I looked at the commits, and seems like it either does or you're working on it. I'm definitely happy to see this since I've been waiting for CGI support in molly-brown :)

Having this in the readme would be useful though, I think.

Owner

It certainly does, and you are absolutely right about the README, which is definitely lagging behind these days, sorry! As a quick start:

  • Define one or more regexps for paths in the CGIPaths config variable (see example.conf for the syntax).
  • Any files whose path matches one of those regexps and which are world-executable will be run when a request comes in.
  • Details about the request will be passed in via environment variables. Most of the standard CGI variables have a sensible analogue.
  • Anything the CGI process prints to stdout is sent to the client, and you need to generate the response header yourself.
  • If the process does not terminate naturally within 10 seconds it will be killed and the client will be sent an error message instead.
  • Be aware the CGI process runs as the same user as Molly Brown so, e.g., it can read and even write the logs and potentially do other evil things. Don't let people you don't trust upload stuff to the CGI path.

Hope this helps!
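
The checklist in the comment above, turned into an audit an admin can run before enabling CGI. This is an added example, not Molly Brown's code and not part of the original comment. It assumes the regexps are matched against the file's filesystem path, and the "loose" flag (file or its directory writable by group or others) is this example's own heuristic for the upload warning.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"regexp"
)

// AuditCGI (added example, hypothetical helper) returns every regular file under
// root whose path matches a pattern and is world-executable, mapped to true when
// the file or its directory is group/world-writable (someone else can swap it).
// Assumption: patterns are matched against the filesystem path.
func AuditCGI(root string, res []*regexp.Regexp) (map[string]bool, error) {
	out := map[string]bool{}
	err := filepath.WalkDir(root, func(path string, d fs.DirEntry, err error) error {
		if err != nil || !d.Type().IsRegular() {
			return err // propagate walk errors; skip dirs, symlinks, devices
		}
		info, err := d.Info()
		if err != nil {
			return err
		}
		parent, err := os.Stat(filepath.Dir(path))
		if err != nil {
			return err
		}
		for _, re := range res {
			if re.MatchString(path) && info.Mode().Perm()&0o001 != 0 {
				out[path] = (info.Mode().Perm()|parent.Mode().Perm())&0o022 != 0
				break
			}
		}
		return nil
	})
	return out, err
}

func main() { // usage: cgiaudit ROOT REGEXP...
	if len(os.Args) < 3 {
		fmt.Fprintln(os.Stderr, "usage: cgiaudit ROOT REGEXP...")
		os.Exit(2)
	}
	var res []*regexp.Regexp
	for _, p := range os.Args[2:] {
		res = append(res, regexp.MustCompile(p))
	}
	fmt.Println(AuditCGI(os.Args[1], res))
}
```

Every path printed is something the server would run with its own privileges; entries marked `true` can additionally be replaced by other local users.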


I'm so glad I looked at this issue! This likely explains my issues with running cgi on RTC. cmccabe has likely not set up regex to allow for cgi on the server. I'll see if he'll regex me in :)

Owner

Unfortunately having to restrict CGI execution to explicitly trusted paths is necessary because until Go gets a functioning setuid() functionality, the CGI processes will run as the same user as Molly does, meaning they necessarily have access to TLS keys, log files, and other things which need to be secured. This sucks in a pubnix environment!

SCGI allows the dynamic process to be started by something other than Molly, so it can be made safe (you can run them as `nobody` and even chroot them somewhere safe), but it's more of a chore to set up.

Owner

I'm going to close this, because SGI is now much better documented in the README. If you have trouble getting it to work, feel free to open more specific issues. Same if you think the documentation is lacking in some ways.

Reference: solderpunk/molly-brown#5