tildes, cgi and databases by marval | tildeverse BBJ

>0 marval @ 2023/05/02 09:51

I was thinking of writing some gemini cgi script to host on tilde.team, and I would like for this script to persist data.
Now, if I understand correctly, all cgi scripts are run by the same user, so if I want to read or write data to a location (like a json file or a SQLite db), the "gemini server" user needs permissions to read/write to that location.
However, since this is a tilde, that would mean that every user of the system would have access to the database location.

Am I wrong somewhere? Is there some way to serve data on a tilde that remains secret to the other users of the system?

>1 ekkie @ 2023/05/02 10:17


To my knowledge, you're 100% correct there. If your tilde offers some sort of database, you could use that, but even then, other users could mess with that, as any login data would have to be put into a textfile, readable by the CGI-User, and therefore by every other user on your tilde.

>2 ultrachip @ 2023/05/02 10:27


What sort of data is it? I know it's somewhat contrary to the tilde ethos, but could the database be hosted on a different server?

>3 marval @ 2023/05/02 11:28

I don't really know yet, I don't have a specific project in mind, but I would argue that any such data should be write protected, and if the cgi app requires authentication it should also be read protected, no matter how useless it is.

>4 ultrachip @ 2023/05/03 01:06


I can certainly see the reasoning for that - I'm just not sure what a workable solution would be. I don't think Gemini was really built for the possibility of multi-user hosts.

The only thing I can think of is to prompt the user for a password when they load the page and use it to encrypt/decrypt the data in the database. 

I've never done it before but supposedly gemini does accept rudimentary user input:

>5 anonymous @ 2023/05/14 04:13


I don't think you misunderstand, it is only that most people probably
just live with the consequences as a result of the kind of community
around the tilde.

That being said, a few hacky work-arounds occur to me, depending on
what the final cgi script is intended to do.

You could have the cgi script write data over a writable-only named
pipe to shuffle data into a database like:

    mkfifo ~/mypipe
    chmod 622 ~/mypipe

The program reading and consuming the data is conceptually just going
to do this kind of thing (as a separate user):

    while true; do read-the-data