FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » FUDforum Suggestions » Add a - using safe mode - option to lock/unlock files
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
Add a - using safe mode - option to lock/unlock files [message #37670] Wed, 13 June 2007 22:08 Go to next message
Astoria is currently offline  Astoria   United States
Messages: 225
Registered: April 2004
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
I got slammed with "internal server errors" and refusals to execute when I tried to use the lock/unlock admin function to change my forum's file permissions running in safe mode under phpsuexec. The errors varied depending on whether I had tried to lock or unlock the files, but I got them either way.

It would be nice if I could make my forum-related files as secure as possible automagically. As it is I cannot use the function.

A "running in safe mode" flag could be set somewhere in globals and, if set, vary the permission changes accordingly when the lock/unlock files function is executed.
Re: Add a - using safe mode - option to lock/unlock files [message #37678 is a reply to message #37670] Thu, 14 June 2007 19:40 Go to previous messageGo to next message
Ilia is currently offline  Ilia   
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
So you'd change permissions of files manually and would like the forum to recognize that fact?

FUDforum Core Developer
Re: Add a - using safe mode - option to lock/unlock files [message #37681 is a reply to message #37678] Thu, 14 June 2007 21:32 Go to previous messageGo to next message
Astoria is currently offline  Astoria   United States
Messages: 225
Registered: April 2004
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
I'd like to see a different set of permissions applied for lock/unlock, that were compatible with safe mode.

- Scripts with 777 permissions won't execute in safe mode; 755 is the maximum permission it will allow to be run. So if an admin uses Unlock on a site that's in safe mode, the forum will immediately go down and start throwing errors.

I had a problem when I locked the files as well -- the forum gets a different kind of permissions error, or it might have just been the admin functions. Sorry I don't remember the details; right now I just have everything set to 755. I am not sure which feature of safe mode causes the "locked" permission error to occur.

Rummaging around trying to figure it out, I ran across a code snippet someone posted to automatically check for safe mode. Doing something like that would probably work better than relying on the admin to configure it:

<?php
// Check for safe mode
if( ini_get('safe_mode') ){
    // Do it the safe mode way
}else{
    // Do it the regular way
}

?>
Re: Add a - using safe mode - option to lock/unlock files [message #37714 is a reply to message #37681] Sun, 17 June 2007 10:40 Go to previous messageGo to next message
Ilia is currently offline  Ilia   
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
I don't think it has to do anything with PHP's safe mode, PHP does not check the file's permissions before executing it. This is a web server setting or restriction imposed by some web server module some ISPs use. As such I am not sure how it can be reliably detected via PHP.

FUDforum Core Developer
Re: Add a - using phpsuexec - option to lock/unlock files [message #37718 is a reply to message #37714] Sun, 17 June 2007 12:41 Go to previous message
Astoria is currently offline  Astoria   United States
Messages: 225
Registered: April 2004
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
The reading I did previous to experimenting with safe mode indicated it not as something you would want to use by itself, but as a hack to address security issues that are introduced by using phpsuexec. And indeed, it does look like phpsuexec is where the permissions issue comes from -- see here. Sorry for the misdirection. It would still be nice if it could be indicated or detected somehow, so that "unlock files" wouldn't break the application in that environment.

(PS Hey, did you write this one? Big fan of safe mode, huh? Razz )
Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: Images only for registered users
Next Topic: From header when sending to mailing list
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Oct 23 04:11:26 EDT 2017

Total time taken to generate the page: 0.00603 seconds