• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

php - file owners with safemode enabled/disabled

mattsoft

New Member
I'm writing an installer script for a project I'm doing. I have the compiler and everything done, but I ran into a wall face first.. I noticed that with safemode enabled, newly created files have the same owner as php which is my username, but with it disabled, the new files still have the same owner as php but it's nobody. I have to make the installer compatable with safemode both enabled and disabled. but if the file's owner is nobody, you have limited permissions with things like ftp. is there an easy way around this, or do I have to add an option for the installer to write the new files over ftp?
 
Last edited:
spec said:
Well you can change the fileowner with chown()

but.. how do I get permission to do that? if php is running under nobody, it would say it doesn't have permission to change the owner. :confused4
 
Most installer scripts require the user to chmod the files first. What you need to do is have the user upload all of the files to his server and only have an installer to setup the configuration. Don't, I repeat, don't make the installer script unpack the files/create new files. It should edit existing files to be compatible with safe mode.

I hope that answers your question. If not could you give a little more detail on how your installer needs work?
 
scriptfactory said:
Most installer scripts require the user to chmod the files first. What you need to do is have the user upload all of the files to his server and only have an installer to setup the configuration. Don't, I repeat, don't make the installer script unpack the files/create new files. It should edit existing files to be compatible with safe mode.

I hope that answers your question. If not could you give a little more detail on how your installer needs work?


yeah. I'd like to have my installer work both ways. have the compiler make a folder of the files I can zip, and make a compressed file the installer can install the files from. I think if the installer detects safemode is disabled, then have it install over ftp automaticly.
 
Troubleshooting:
for safe mode disabled, you can call external program to login as certain user in order to get more access to the whole system. you may try exec() and then execute command line php.
 
bloodyveins said:
Troubleshooting:
for safe mode disabled, you can call external program to login as certain user in order to get more access to the whole system. you may try exec() and then execute command line php.

ooh. that's one thing I was thinking about doing, but didn't think it would work. where did you find that?
 
Get a copy from /bin/chmod then make it run as root :
[root@localhost]# cp /bin/chmod /directory/chmod-private
[root@localhost]# chmod 4755 /directory/chmod-private
Now you can changing mod with any user using this file !
Note that this can be very dangerous . Any user who knows about this file can get root !
 
Salam said:
Get a copy from /bin/chmod then make it run as root :
[root@localhost]# cp /bin/chmod /directory/chmod-private
[root@localhost]# chmod 4755 /directory/chmod-private
Now you can changing mod with any user using this file !
Note that this can be very dangerous . Any user who knows about this file can get root !

this somehow gives root access?? :confused4 if it does then it's probably not avalible on the shared servers the software will be installed on. it has to be compatable with 90% of servers if possible.
 
First, I made a mistake : you need to change the owner not the mod, so copy chown insteed of chmod .
And, yes. this needs root access . If you want to work in shared servers you can use ftp (as you said) .
 
Salam said:
First, I made a mistake : you need to change the owner not the mod, so copy chown insteed of chmod .
And, yes. this needs root access . If you want to work in shared servers you can use ftp (as you said) .

What?? Playing with chown binary?? Oh, no. It's too dangerous. You can't imagine what the user will do with that file. This is even a potential hole to internal system hacking.

It's more realistic to pass arguments through exec() command. To find how, just do a little search. I can't reveal all the secret here... :)
 
bloodyveins said:
What?? Playing with chown binary?? Oh, no. It's too dangerous. You can't imagine what the user will do with that file. This is even a potential hole to internal system hacking.

It's more realistic to pass arguments through exec() command. To find how, just do a little search. I can't reveal all the secret here... :)

is it possible to use exec() to change the current user? there's the standard command for it in linux, but it has a few small protections on entering the password, so I'm not sure if I can use that.
 
One way is to use SSH with private key.
But this way is not proper for shared servers, because the server must accept ssh and also let you put files in "your home directory/.ssh" .
Another problem with exec() is that, your server may be a MS Windows server and then your commands (like su or ...) will not work .
I think the most reliable way is to use ftp .
Some times ago I had problems with file permitions on a server. At last I wrote a script to automatically login with ftp, then change the file ...
maybe this method can help you too.
 
Salam said:
One way is to use SSH with private key.
But this way is not proper for shared servers, because the server must accept ssh and also let you put files in "your home directory/.ssh" .
Another problem with exec() is that, your server may be a MS Windows server and then your commands (like su or ...) will not work .
I think the most reliable way is to use ftp .
Some times ago I had problems with file permitions on a server. At last I wrote a script to automatically login with ftp, then change the file ...
maybe this method can help you too.


ok. I'll just have to do it over ftp. thanks.
 
Back
Top