Home > Archive > PHP Language > August 2004 > file permissions - ack! - REPOST
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
file permissions - ack! - REPOST
|
|
| Chris Fortune 2004-08-10, 3:56 pm |
| > *** Chris Fortune wrote (Fri, 06 Aug 2004 07:47:08 GMT):
[color=darkred]
>
> Turn on all errors with error_reporting(E_ALL). Also, post the code
> you're using to open, and write to the file.
>
Here is the contents of /home/joe/.bogofilter
drwxrwxrwx 219 joe joe 4096 Jul 30 18:23 ./
drwx--x--x 21 joe joe 20480 Aug 10 12:55 ../
drwxr-xr-x 2 joe joe 4096 Jul 29 18:21 30/
Here is the contents of /home/joe/.bogofilter/30
drwxr-xr-x 2 joe joe 4096 Jul 29 18:21 ./
drwxrwxrwx 219 joe joe 4096 Jul 30 18:23 ../
-rw-rw-rw- 1 joe joe 9958 Jul 29 18:21 whitelist.txt
contents of blacklist.php:
<?
$uid = 30;
error_reporting(E_ALL);
$file = "/home/joe/.bogofilter/$uid/whitelist.txt";
if (file_exists($file)) {
if(! unlink ($file)) echo "Couldn't unlink $file";
}else echo "$file doesn't exist";
?>
Warning: unlink(/home/joe/.bogofilter/30/whitelist.txt): Permission denied
in /home/joe/public_html/test.php on line 5
Couldn't unlink /home/joe/.bogofilter/30/whitelist.txt
Ack! Can anyone tell me what is wrong here?
| |
| John Murtari 2004-08-10, 8:58 pm |
| "Chris Fortune" <hey.spammer...just.get@job.org> writes:
>
>
> Here is the contents of /home/joe/.bogofilter
>
> drwxrwxrwx 219 joe joe 4096 Jul 30 18:23 ./
> drwx--x--x 21 joe joe 20480 Aug 10 12:55 ../
> drwxr-xr-x 2 joe joe 4096 Jul 29 18:21 30/
>
>
> Here is the contents of /home/joe/.bogofilter/30
>
> drwxr-xr-x 2 joe joe 4096 Jul 29 18:21 ./
> drwxrwxrwx 219 joe joe 4096 Jul 30 18:23 ../
> -rw-rw-rw- 1 joe joe 9958 Jul 29 18:21 whitelist.txt
>
>
> contents of blacklist.php:
> <?
> $uid = 30;
> error_reporting(E_ALL);
> $file = "/home/joe/.bogofilter/$uid/whitelist.txt";
> if (file_exists($file)) {
> if(! unlink ($file)) echo "Couldn't unlink $file";
> }else echo "$file doesn't exist";
> ?>
>
> Warning: unlink(/home/joe/.bogofilter/30/whitelist.txt): Permission denied
> in /home/joe/public_html/test.php on line 5
> Couldn't unlink /home/joe/.bogofilter/30/whitelist.txt
>
> Ack! Can anyone tell me what is wrong here?
Okay, I'm assuming that this script is being executed
through your web server and that it is running under another userid
which is not your -- it would not have permission to
unlink a file from the '30'directory since it does not have
write permission to the directory.
Hope this helps.
--
John
________________________________________
___________________________
John Murtari Software Workshop Inc.
jmurtari@following domain 315.635-1968(x-211) "TheBook.Com" (TM)
http://thebook.com/
| |
| Chris Fortune 2004-08-10, 8:58 pm |
|
>
> Okay, I'm assuming that this script is being executed
> through your web server and that it is running under another userid
> which is not your -- it would not have permission to
> unlink a file from the '30'directory since it does not have
> write permission to the directory.
>
Yes! It's running as user nobody, which is the problem. I don't want to
upgrade the permissions for "nobody", it's too dangerous. CGIWrap is a good
solution, but requires me to rewrite too many scripts (and why should you
have to install another program in order to make PHP work?!!!). What about
creating a transitional user that has limited permissions but has
permissions for both whitelist.txt and blacklist.php??
| |
| Rick Cooper 2004-08-27, 3:56 pm |
|
"Chris Fortune" <hey.spammer...just.get@job.org> wrote in message
news:ZKbSc.782$jZ5.244@clgrps13...
>
>
>
> Yes! It's running as user nobody, which is the problem. I don't want to
> upgrade the permissions for "nobody", it's too dangerous. CGIWrap is a
good
> solution, but requires me to rewrite too many scripts (and why should you
> have to install another program in order to make PHP work?!!!). What
about
> creating a transitional user that has limited permissions but has
> permissions for both whitelist.txt and blacklist.php??
PHP is working exactly the way your operating system rules require. If you
don't want to use a wrapper then I would suggest you look into
sudo/sudoers/visudo. You could create a shell script that manages the
actualy command using the sudo command and permissions executed by your
webscript. You should, of course, make sure you have some common sense
security within the shell script. No matter what "transitional" user you
create you will still be executing the script as the web server user.
|
|
|
|
|