ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  Working with Permissions in PHP, Part 1
Subject:   I, too, was a little disappointed by this article
Date:   2005-02-24 11:16:50
From:   RichardBronosky
It's actually a great article on Unix file permissions. Something that I was really confused about when I started using Unix several years ago. But I was able to find an article very similar to this back then and I now don't have to think twice about chmod'ing files and such.


But, the point is that there are tons of very similar articles out there.
http://www.google.com/search?q=unix+file+permissions+tutorial
The google search above returns 305,000 of them.


I think that the author should have just wrote his "Working with Permissions in PHP, Part 2" and used one of the existing tutorials as a prerequisite.


What I'd really like to see is an intelligent disscussion on the problem of using permissions that would allow a PHP based CMS to write to files as the www user and allow you to write to the files as your ftp/shell user. The common approach is to use chmod 666 (global read+write). But that is a big security risk on a shared environment.


Keep in mind that this is on an environment where I do not have root access or access to /bin/su. This is the case for most PHP hobbyists. Which includes my personal projects like http://bronosky.com that is hosts using a cheap shared plan. At work I have root access, or can request changes from the admins in other divisions.


On boxes I administer I just make myself a member of the www group which Apache normally belongs to. Any files I want PHP to write to are "chgrp www"'ed and "chmod g+w"'ed. This helps but is not perfect. Most importantly, you will not get access to the www group on a share host.


Is there a way to get php to exec() as my user?