View Full Version : permissions conspiracy

09-14-2003, 10:03 AM
Sometimes computers make things so damned awkward that the only explanation is a conspiracy!

Can someone help me out here? - I've confused myself terribly.

I have a bunch of services on the Internet. . I have a mechanism, where users can register, and they get a directory created for their files.

I have written the backend stuff in a mixture of perl, PHP and MySQL. This is where my problems start.

Whenever a PHP script creates a file or a directory, it is owned by "nobody".

Whenever a Perl CGI Script creates a file or a directory, it is owned by "mylogin" (say).

If I create a file or directory using one type of back-end script, then I have to ensure that I chmod it to 777 to be able to do anything to it with the other.

This is clearly undesirable.

So what is the common practice here? How can I get all my back-end stuff to cooperate without compromising security?


09-14-2003, 02:47 PM
you could try chown(filename, new owner) (http://uk2.php.net/chown)

09-15-2003, 12:22 AM
Nope. This is my web host's computer, not mine. I'm not allowed to to chowns, furthermore if I was - I'd probably have to do them manually rather than inside the script (because the script probably wouldn't have the priviledge).

Come on! I'm really stuck on this one. It must be a common problem, mixing different types of back end script. How do people get around it?

09-15-2003, 12:58 AM
If you can't chown, then I guess there's no way to do it as php own the directories/files it created. The only way to delete them or whatever would be to let php handle them.

If you're not allowed chowns, then all I can do is suggest you change hosts or get your host to change the permissions

09-16-2003, 04:17 AM
Well if you are not allowed to chown then you are kind of screwed, if you own the domain then running on their servers and it isn't a free one then chown should be allowed. If they won't let you try looking at www.westhost.com, they allow me to do everything I want for 8.95 per month. I would change providers. :)

If you don't want to do that then when you make your directories with your backend scripts you are going to either have to set your permissions at the same time you make the directory to either 0775, or 0777, or 0776. Out of the 3 I know 0777 will work. You can do this with PHP by using the umask() function then make your directory.

Hope this helps.