On Wed, 10 Feb 2010 16:08:42 +1030, james.mcl...@gmail.com (James McLean) wrote:

>On Wed, Feb 10, 2010 at 2:51 PM,  <clanc...@cybec.com.au> wrote:
>> I'm basically familiar with the UNIX permissions - 'owner', 'group', or 
>> 'other', but I
>> have no real idea how these apply to webpage users under PHP. I know that if 
>> I FTP to the
>> server I am the owner, and I think that if I, or anyone else, opens one of 
>> my webpages I
>> am 'other'.
>Almost right. It's UGO, User Group and Other.
>When you view a PHP page, it's (usually) served by Apache, the process
>will be owned by a user, usually 'apache'; who is also a member of a
>group, usually 'apache'. On some systems these users/groups can be
>'httpd', 'www-data' etc. When you or I look at a PHP file served from
>Apache, there is no concept of users/groups/others outside those that
>apply to the Apache process that served the data.
>> However what I would like to do is assign certain users, who have logged in 
>> through a
>> security portal, to 'group', so that they (but not 'others') have permission 
>> to write to
>> data files on the site.
>It's a seperate thing, because once again inside PHP there is no
>concept of users/groups outside the Apache process itself. It would be
>up to your PHP code to manage who has access to what, the files will
>all be read from and written to disk by the Apache process.

Thanks. So it is as I feared, and if I want any file to be editable under any
circumstances, I have to give write access to 'others'.

It is a little surprising that PHP has not made any provision for manipulating 
users write
permissions, as this could provide a little extra protection from malicious 

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to