browser execution

George Phillips (phillips@cs.ubc.ca)
5 Jul 93 17:38 -0700


Marc VanHeyningen <mvanheyn@cs.indiana.edu> writes:
>Servers can run without privilige; ours runs as id "daemon" and
>doesn't have the priv to do much other than dequeue other people's
>print jobs. Surely webmasters don't run their HTTP server as root?

Right, but if you want some mechanism that is as powerful as "exec:",
your server will have to run with privilege. Remember, I want
"exec:" to be more than just a dynamic HTML source, it can also
modify the user's files (like a .newsrc for rn.html). Even the
safer things like a fancy file browser need to run as the user
so that they can see all the files available to that user.

So what kind of facilities do we propose be added to a server
that will allow it to do the things "exec:" can do? That is,
what's the alternative?

I'm sorry if I'm beating this to death, but the truth is that I'm
already using some form of "exec:" and will continue to do so.
It would be so much better if there were a standard way to do this
since I'm sure there are lots of others who want to do the same thing.
Even an agreement like "We really think exec: is a bad idea, but if
you must, do it this way..." would be valuable.

-- George