Page 1 of 1

Permissions question - again :(

Posted: Mon Jan 23, 2006 7:32 pm
by alex.barylski
Ok so I've read up on permissions and such trying to make sense out of this mess I'm in...

My understanding goes like...

PHP is likely run as a 'nobody' user...as in has very limited access priv's...especially in a shared host environment...

Just to make clear (for myself) PHP is not likely run as a Linux root/super user???

Lets assume the username is: thecamp

Now, any PHP scripts executed run under the context of 'thecamp' user...

When PHP creates a file, its UID should be 'thecamp'

When I FTP a file/folder to my web server...I can change the permissions via FTP, but when I create a file/folder via a PHP script and try and change the CHMOD, etc inside the FTP app...I get permission denied errors...in the FTP app console???

I also get SAFE MODE errors...which I understand is due to the differences of UID's...

But why would these UID's be different?

Does this suggest that the ftpd and php are executing under different user contexts???

This is a shared host, so I have NO ROOT access...so I don't think CHOWN is any good to me...unless I misunderstand how this whole permission system works...

Any ideas???

This is driving me nutts :)

Cheers :)

Posted: Mon Jan 23, 2006 9:25 pm
by John Cartwright
Moved to Web Servers.

Posted: Tue Jan 24, 2006 9:21 am
by Chris Corbyn
Apache runs under ther use given in httpd.conf (usually "nobody"). Therefore all files created by Apache are owned by "nobody", just the same as if you logged as "hockey" all files created would be owned by "hockey".

Now, with FTP, when you log in you are logging in under the username of the hosting you have. This might be "hockey" for example so all files created are therefore owned by that user.

Safe Mode is a pain I grant you that ;) If you set the permissions on the directory the way you'd like all files created in it to be, then `chmod +s' that directory all files created under it should inherit those permissions. How you'd do that without shell access I'm not 100%.

Posted: Tue Jan 24, 2006 9:55 am
by pickle
d11wtq wrote:How you'd do that without shell access I'm not 100%.
Just because you don't have shell access doesn't mean you can't run shell commands. shell_exec() is what I use on my shared host - gets stuff done nicely;)

Posted: Tue Jan 24, 2006 10:57 am
by Chris Corbyn
pickle wrote:
d11wtq wrote:How you'd do that without shell access I'm not 100%.
Just because you don't have shell access doesn't mean you can't run shell commands. shell_exec() is what I use on my shared host - gets stuff done nicely;)
Yes... but they'll be run under the user the apache runs as... hint hint ;)

Posted: Tue Jan 24, 2006 11:03 am
by pickle
Ha - ya.

When you ftp the files, you can make them world read/writable. That would allow you to goof with them from the command line. You wouldn't want to do that though if you were concerned about the integrity of the file (such as a PHP file). I'd only recommend doing that if you were uploading images or media files of some sort.