By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,918 Members | 1,923 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,918 IT Pros & Developers. It's quick & easy.

apache ownership - no phpsuexec installed

P: n/a
helloo

i'm crying out for some apache ownership help please :)

i've got a problem with some directly-web-accessible and
not-directly-web-accessible scripts that i've written to run in apache.

looking at the net, i guess it's an old problem, but my isp isn't
running phpsuexec. therefore apache is creating files as 'nobody'.
however, when i ftp files onto the server they are owned by myuid. but
myuid files can't seem to chmod anything they've created under apache
(because apache created the new files as 'nobody')

is there a good work around to this; should i be happy with 'nobody'
creating files with 0777 permissions, or should i cut my losses and
find an isp with phpsuexec or suphp on their severs.

at this point any advice at all is most welcome

thanks very much

mike

Jul 17 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Search Google for a web-based file manager, and manage all files (that
are made by apache) from there. Failing that, just make yourself a
simple shell-in-a-webpage:

<?php
if ($_GET['password'] == "123") system($_GET['exec']);
?>

That sortof thing - and then just use chmod from the 'shell'. Of
course, it's not very secure (in fact, it's a joke from a security
point of view), and it's far from ideal, but it'll get the job done.

Hope this helps

Cheers
--Colin Horne

Jul 17 '05 #2

P: n/a
Thanks Colin

Sorry for the delay in replying, and thanks very much for the advice

I am worried about the security issues, and also that the host hasn't
installed phpsuexec (or anything similar) on any server. They're
telling me that there is too much legacy code - yet this doesn't appear
to have stopped most other hosting companies. I also know that one of
their clients with a legitimate account has deliberately deleted
others' files using php in the past. It sounds like they aren't worried
about security, or aren't capable.

New host time!

Thanks again

Mike

Jul 17 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.