
Change user for fopen

Simon Niederberger
#1: Feb 26 '06
Hi all

I need to write a script which overwrites certain .php files in the current
directory. Running as www user, I get a Permission denied on fopen.
Obviously, I could CHMOD all files to allow for writing of the www group.
However, I guess this would be quite a security flaw, so here's what I'd
like to do:

Change "running" user from www to root (or any other user), do fopen /
fwrite / fclose, change user back.

(How) Can I do this with PHP?

Thanks a lot
Simon



Gordon Burditt
#2: Feb 26 '06

re: Change user for fopen


>I need to write a script which overwrites certain .php files in the current
>directory.

This objective by itself is a significant security issue.
It greatly increases the possible damage.
Are you sure you can't put this data in a database?

>Running as www user, I get a Permission denied on fopen.
>Obviously, I could CHMOD all files to allow for writing of the www group.
>However, I guess this would be quite a security flaw, so here's what I'd
>like to do:
>
>Change "running" user from www to root (or any other user), do fopen /
>fwrite / fclose, change user back.

If that was allowed, there'd be no security at all.
The OS doesn't let PHP change users like that (it is NOT
recommended that you run PHP or Apache as root).

In UNIX the way to accomplish this is running a setuid program.
This has to be done very carefully. If you make it too general,
you're erasing the distinction between users.

Gordon L. Burditt
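
The narrow-by-design idea from the post above, as an added example that is not part of the original thread and not Gordon's code: the file-selection core of a small helper that can only overwrite existing files of a few types in one directory. The function names, the extension allowlist and the assumption that the helper is installed setuid to the account owning the files (not root) are all hypothetical.

```c
/* Added example: file-selection core of a narrow deploy helper (hypothetical names). */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Assumed allowlist for this example: the file types the deployment writes. */
static const char *const ALLOWED_EXT[] = { ".php", ".js", ".css" };

/* Accept only a bare file name: no directory part, no leading dot,
 * a conservative character set, and an allowlisted extension. */
int name_is_allowed(const char *name)
{
    size_t len = strlen(name);
    if (len == 0 || len > 64 || name[0] == '.')
        return 0;
    if (strspn(name, "abcdefghijklmnopqrstuvwxyz"
                     "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.") != len)
        return 0;                       /* rejects '/', NUL tricks, spaces */
    const char *ext = strrchr(name, '.');
    if (ext == NULL)
        return 0;
    for (size_t i = 0; i < sizeof ALLOWED_EXT / sizeof ALLOWED_EXT[0]; i++)
        if (strcmp(ext, ALLOWED_EXT[i]) == 0)
            return 1;
    return 0;
}

/* Open an existing regular file inside the directory referred to by dirfd
 * for overwriting. Returns a file descriptor, or -1 if the request is refused. */
int open_for_overwrite(int dirfd, const char *name)
{
    struct stat st;
    if (!name_is_allowed(name))
        return -1;
    /* No O_CREAT: only files that already exist. O_NOFOLLOW: refuse symlinks.
     * O_NONBLOCK: do not hang if the name turns out to be a FIFO. */
    int fd = openat(dirfd, name, O_WRONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* Truncate only after confirming a regular file with a single hard link. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1
        || ftruncate(fd, 0) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}
```

The caller opens the one deployment directory itself and passes only its descriptor, so nothing supplied by the web-facing script can choose a path outside it.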

Simon Niederberger
#3: Feb 27 '06

re: Change user for fopen


Hi Gordon

Thanks for your input. My script is a deployment-tool which does the
following:

- Get the current revision of a web application out of Subversion (a version
control system)
- Write the retrieved .php, .js etc files into wwwroot

So, the files unfortunately can't be in a database.

Simon

"Gordon Burditt" <gordonb.todzf@burditt.org> wrote in message
news:1203p273vaumfbc@corp.supernews.com...
>>I need to write a script which overwrites certain .php files in the current
>>directory.
>
> This objective by itself is a significant security issue.
> It greatly increases the possible damage.
> Are you sure you can't put this data in a database?
>
>>Running as www user, I get a Permission denied on fopen.
>>Obviously, I could CHMOD all files to allow for writing of the www group.
>>However, I guess this would be quite a security flaw, so here's what I'd
>>like to do:
>>
>>Change "running" user from www to root (or any other user), do fopen /
>>fwrite / fclose, change user back.
>
> If that was allowed, there'd be no security at all.
> The OS doesn't let PHP change users like that (it is NOT
> recommended that you run PHP or Apache as root).
>
> In UNIX the way to accomplish this is running a setuid program.
> This has to be done very carefully. If you make it too general,
> you're erasing the distinction between users.
>
> Gordon L. Burditt
>


heyster
#4: Feb 27 '06

re: Change user for fopen


On Mon, 27 Feb 2006 09:22:10 +0100, "Simon Niederberger"
<simon@sincore.ch> wrote:
>Hi Gordon
>
>Thanks for your input. My script is a deployment-tool which does the
>following:
>
>- Get the current revision of a web application out of Subversion (a version
>control system)
>- Write the retrieved .php, .js etc files into wwwroot
>
>So, the files unfortunately can't be in a database.
>
>Simon
>
>"Gordon Burditt" <gordonb.todzf@burditt.org> wrote in message
>news:1203p273vaumfbc@corp.supernews.com...
>>>I need to write a script which overwrites certain .php files in the current
>>>directory.
>>
>> This objective by itself is a significant security issue.
>> It greatly increases the possible damage.
>> Are you sure you can't put this data in a database?
>>
>>>Running as www user, I get a Permission denied on fopen.
>>>Obviously, I could CHMOD all files to allow for writing of the www group.
>>>However, I guess this would be quite a security flaw, so here's what I'd
>>>like to do:
>>>
>>>Change "running" user from www to root (or any other user), do fopen /
>>>fwrite / fclose, change user back.
>>
>> If that was allowed, there'd be no security at all.
>> The OS doesn't let PHP change users like that (it is NOT
>> recommended that you run PHP or Apache as root).
>>
>> In UNIX the way to accomplish this is running a setuid program.
>> This has to be done very carefully. If you make it too general,
>> you're erasing the distinction between users.
>>
>> Gordon L. Burditt
>>
>

Simon,

A similar situation was brought up recently in this newsgroup. I'll
suggest now what I suggested then: the FTP functions of PHP. It may
at least address the issue of permissions, but may also have its own
security problems (userid / password in plaintext, etc.).

heyster

Simon Niederberger
#5: Mar 6 '06

re: Change user for fopen


My solution was this:

Access file via local FTP. This will set the owner / group according to the
FTP login. Obviously, this requires FTP access to the file location.

Simon

"Simon Niederberger" <simon@sincore.ch> wrote in message
news:440195bc@news201.datazug.ch...
> Hi all
>
> I need to write a script which overwrites certain .php files in the
> current directory. Running as www user, I get a Permission denied on
> fopen. Obviously, I could CHMOD all files to allow for writing of the www
> group. However, I guess this would be quite a security flaw, so here's
> what I'd like to do:
>
> Change "running" user from www to root (or any other user), do fopen /
> fwrite / fclose, change user back.
>
> (How) Can I do this with PHP?
>
> Thanks a lot
> Simon
>

