| Re: some really important questions [message #17989 is a reply to message #17987] |
Wed, 28 April 2004 15:27   |
lahoo
Messages: 62
Registered: April 2004
Karma:
|
Member |
|
|
| Citat: |
PHP's mkdir() makes files as httpd:httpd because that's the user:group of the webserver, since PHP runs as the webserver user, all of the files it creates are owned by the webserver.
|
Yes, but then, when trying to write files to that directory it impersonates our account. Further, issuing a mkdir() in PHP with specified permissions of the resulting folder doesn't set that permission on the folder.
I made a test script to demo this to the support group of my WSP:
<html>
<body>
<?php
echo 'create123 - ';
if (mkdir('123', 0777))
echo 'ok';
else
echo 'not ok';
echo '<br>create 123/456 - ';
if (mkdir('123/456', 0777))
echo 'ok';
else
echo 'not ok';
?>
</body>
</html>
I placed this piece of code as mkdir.php in a folder named _test/ and chmod:ed _test to 755. _test is owned, just like all other files/folders in our webplace, by xyz:xyz where xyz is our account.
When mkdir.php is run under these conditions I get
"Warning: mkdir(123): Permission denied in [...]/_test/mkdir.php on line 5"
If I chmod _test/ to 777 and try again mkdir.php will create the folder 123 as being owned by httpd:httpd. Despite specifying 0777 the folder created has rwxr-xr-x
When the second mkdir() is executed I get
"Warning: mkdir(): SAFE MODE Restriction in effect. The script whose uid is 107299 is not allowed to access .../_test/123 owned by uid 398 in .../_test/mkdir.php on line 12"
So... the script is run by 107299 but the folder is created by 398.
If I knew about the amount of problem this odd behaviour would cause me prior to getting the great idea to install FUDforum I would never have bothered. On the paper the system specs matched. I put all the blame on the WSP.
[Updated on: Wed, 28 April 2004 15:30] Report message to a moderator |
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]