FUDforum
maillist.php and permission problems (importing of mailing list to forums broken because of user/permissions) [message #162105] Fri, 19 March 2010 00:04
lbrigman124 (United States)
If I run the script as root everything works. But as a normal user, it is broken.

I have FUDforum running in the apache context so
all the scripts directory have just that without
any execute permissions.

-rw------- 1 apache apache 3640 Mar 8 16:36 forum_login.php
-rw------- 1 apache apache 37400 Mar 8 16:36 fudapi.inc.php
lrwxrwxrwx 1 apache apache 37 Mar 8 16:36 GLOBALS.php -> /var/www/FUDforum/include/GLOBALS.php
-rw------- 1 apache apache 19281 Mar 15 15:42 maillist.php
-rw------- 1 apache apache 2726 Mar 15 15:43 nntp.php
-rw------- 1 apache apache 15488 Mar 8 16:36 rdf_parser.php
-rw------- 1 apache apache 308 Mar 8 16:36 README
-rw------- 1 apache apache 6394 Mar 15 15:43 xmlagg.php

To get it to actually run from procmail I had to change
the maillist.php file to be read+execute for all.
-rwxr-xr-x 1 apache apache 19281 Mar 15 15:42 maillist.php

But that leads to other permission errors.
------------------
PHP Warning: require(/var/www/FUDforum/scripts/GLOBALS.php): failed to open stream: Permission denied in /var/www/FUDforum/scripts/maillist.php on line 352
PHP Fatal error: require(): Failed opening required '/var/www/FUDforum/scripts/GLOBALS.php' (include_path='.:/usr/share/pear:/usr/share/php') in /var/www/FUDforum/scripts/maillist.php on line 352
---------------------------------
Powered by: FUDforum 3.0.0.
RedHat 5.4
postfix-2.3.3-2.1.el5_2
mailman-2.1.9-4.el5
php-5.1.6-24.el5_4.5

from webinstall package - FUDforum_web_install_3.0.0.zip downloaded from sourceforge.net

I can change the other file permissions that will allow others
to read all the settings and gain direct access to the databases.

What is the best way to configure the maillist import process in
light of these permission problems?

Re: maillist.php and permission problems [message #162123 is a reply to message #162105] Mon, 22 March 2010 18:19
lbrigman124 (United States)
Is anyone going to attempt an answer? Opening all the scripts
to be read by everyone is a big security hole.

Re: maillist.php and permission problems [message #162124 is a reply to message #162123] Mon, 22 March 2010 20:54
naudefj (South Africa; Administrator, Core Developer)
Good question! This isn't really a FUDforum problem, but rather a general Unix/Linux security problem. Some suggestions that may be worth investigating:

* Use sudo to call the mailing list script.
* Use ACLs to only grant the required users access.

Re: maillist.php and permission problems [message #165279 is a reply to message #162124] Fri, 20 May 2011 12:30
grepnold (United Kingdom)
I've had a similar problem and seem to have fixed it. PHP won't include a file specified in include/require(_once) unless its directory is in the include path. Yours is the default .:/usr/share/pear:/usr/share/php.

You need to find where include_path is set, usually a copy of php.ini but it could be in the apache/httpd config files. (There are just too many places and too many copies of config files!) Where there is a commented out ;include_path, add
include_path = ".:/usr/share/php:/usr/share/pear:/var/local/FUDforum/scripts:/var/local/FUDforum/include:/var/local/FUDforum/include/theme/default"


You probably also need to check that the user apache runs under has read access to the files and execute access to all parent directories.

You will probably then need to reload the webserver config, using a command like apache2 graceful or httpd graceful.

You may need to adapt this for your specific case but I hope this at least points to where the problem may lie.
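
Added example, not part of the thread or of FUDforum's own code: a Python check along the lines of the advice above to verify read access to the files and execute access to all parent directories. It resolves symlinks such as scripts/GLOBALS.php first, then reports the first path component that the classic mode bits deny to a given uid and group set. The names `class_bits`, `first_blocker`, `world_readable`, `demo_tree` and the `base` parameter are made up for this example, and POSIX ACLs are not evaluated.

```python
import os
import stat

def class_bits(st, uid, gids):
    """rwx triplet the classic mode bits give uid/gids (POSIX ACLs are ignored)."""
    if uid == 0:
        return 7                    # root bypasses read and directory-search checks
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def first_blocker(path, uid, gids, base="/"):
    """Return (component, reason) for the first denial at or below base, else None."""
    real = os.path.realpath(path)   # the link target's permissions are what count
    base = os.path.realpath(base)
    chain, p = [real], os.path.dirname(real)
    while p != chain[-1]:
        chain.append(p)
        p = os.path.dirname(p)
    for comp in reversed(chain):    # "/", "/var", ..., resolved file
        if os.path.commonpath([comp, base]) != base:
            continue                # above base: assumed traversable
        bits = class_bits(os.stat(comp), uid, gids)
        if comp != real and not bits & 1:
            return comp, "no search (x) permission on directory"
        if comp == real and not bits & 4:
            return comp, "no read (r) permission on file"
    return None

def world_readable(path):
    """True when every local account can read the resolved file."""
    return bool(os.stat(os.path.realpath(path)).st_mode & stat.S_IROTH)

def demo_tree(root):
    """Constructed layout mirroring the thread: scripts/GLOBALS.php -> include/GLOBALS.php."""
    scripts, include = os.path.join(root, "scripts"), os.path.join(root, "include")
    os.makedirs(scripts)
    os.makedirs(include)
    target = os.path.join(include, "GLOBALS.php")
    open(target, "w").close()
    os.chmod(target, 0o600)         # as in the listing: -rw------- apache apache
    link = os.path.join(scripts, "GLOBALS.php")
    os.symlink(target, link)
    for d in (root, scripts, include):
        os.chmod(d, 0o755)
    return link, target
```

Running `first_blocker` for the account procmail delivers as shows which single file or directory needs a group or ACL grant, and `world_readable` confirms afterwards that the settings file has not been opened to every local user.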