You *CAN* do that with PHP as CGI wrapped with suexec... But you lose
performance, and you'll have to convince the ISP to install that as a second
mime-type with a different extension... They'll need to read the suexec
docs at http://apache.org first and foremost. (Doing suexec incorrectly is
Other option is to chown or chmod the files to allow nobody to do what
nobody needs to do -- Of course, that opens those files up for any other
users on the shared server to mess with, and it's probably easier for an
external hacker to gain "nobody" access than a real user.
Safety is relative. How critical are these files, and how much do you trust
fellow users on a shared resource web-server?
You could also write some world-executable shell scripts that provide
"nobody" with very specific actions they can do to/with the files -- You
want to write that script as limited and carefully as possible so that
*ONLY* the things you want to happen can happen.
Bottom line: Unless you go hard-core with suexec, anything you set up can
be figured out and potentially abused by any fellow users on the ISP.
WARNING [EMAIL PROTECTED] address is an endangered species -- Use
Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm
Volunteer a little time: http://chatmusic.com/volunteer.htm
----- Original Message -----
From: Gerard Samuel <[EMAIL PROTECTED]>
To: PHP <[EMAIL PROTECTED]>
Sent: Thursday, October 04, 2001 7:24 PM
Subject: php, files, ownership....(was file manipulation)
> Ok, I found out what was causing some of the people who were using my
> script and have it fail. They are on a shared server and apache is
> being run as user nobody, so therefore the script is being run as
> nobody. But the the files has to have user ownership foo foo. Is it at
> all possible to have a script run as one user and create files as
> another. Dont know if it is even safe??
> Or could you point me in another direction?
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]