Posted by Shelly on 10/30/96 11:19

"Gordon Burditt" <gordonb.wppv6@burditt.org> wrote in message
news:11bjdorp4l0m912@corp.supernews.com...
>>>> I have a new server and I have my files up there. The files are in
>>>> /var/www/html/. In this directory I have another directory that I
>>>> created
>>>> called "users". I am unable to figure out how to set permissions on
>>>> this
>>>> directory, and what those permissions should be. I am using
>>>> ShieldHost.
>
> You apparently have *THREE* types of users here.
>
> There are MySQL users, who are authorized to access the database.
> Typically a PHP web page has one of these hidden in it somewhere
> so the page can access the DB. Occasionally a user will enter their
> own MySQL DB password into a web page for use accessing the DB, but
> usually, it's the PAGE, not the USER who has the DB access authority.

No, my users do not access the MySQL database. That is done solely by the
page. Oh, I, as the administrator, can access the database through the
admin interface. The users cannot.

> There are web users, who log into a web page. Typically these users
> are listed in a MySQL table (NOT the MySQL privilege table) but
> they do not have authority to log into the DB directly. These are
> a creation of the web page itself, which enforces logins.

Those are the only kind of users I have (other than administrators).

> There are OS users, who have permissions to access files.

That is me.

>>>> When there is a new user, and he enters his desired name and password,
>>>> as
> Web user.
>
>>>> part of the process I want to create a small directory tree under
>>>> "users"
>>>> with the username as the top level. I get that I don't have permission
>>>> to
>>>> do that with the mkdir in the code. The line of code is:
>
> The OS user Apache is running as does not have permission to
> create a directory where you want it to.

Exactly!!!! How do make that possible? That is the $64K question.

>>>> mkdir($_SESSION['UserRoot'] . $ss_username, 0755);
>>>>
>>>> where the session variable has the directory path ending in "/".
>>>>
>>>> Any ideas?
>>>>
>>>> Shelly
>>>
>>> Without root access you don't have permission to create users, which you
>
> You can't create OS users, and you may or may not be able to create
> MySQL users (later on it seems you can create MySQL users, which
> isn't what you need). You CAN create web users, as your page handles
> all of that.
>
>>> already know because your in Unix. I don't know Sheildhost but would I
>>> be
>>> right in thinking (from your post) that you are expecting it to have
>>> some
>>> means to create 'sub-users' for hosting purposes?
>>>
>>> This could only really be a controlled access system rather than a real
>>> owner:group at system level. More of a login system to your users. But
>>> in
>>> the end the files will still be owned by yourself.
>>
>>Last night they had the AFI show on with the 100 best quotes from the
>>movies. What came to mind is "It seems we have a failure to
>>communicate" --
>>and it is my fault.
>>
>>I don't want to create users that can access the server. The ShieldHost
>
> MySQL users.
>
>>admin interface allows me to do that -- but that is not the idea. I want
>>to
>>create "users" in the same sense as "members" of a "club". This is just
>
> Web users.
>
>>like signing up for Yahoo or any of a myriad of products. None of those
>>users can access the server except to run the scripts from a URL and their
>>links. So, when I say creating a username it is for being part of a
> Web users.
>>group -- not for having an account on the server.
> MySQL users.
>
>>I want the new user/member to join the group with a username through the
>>web
> Web users.
>
>>page interface I provide. I check that the name is available and then add
>>that user to the database. I also, at the same time as I add him to the
> Web users.
>
>>database of users, want to create a directory with that username under a
>>master directory called "users".
> Web users.
>
>>Under this username directory I want to
>>create at least two other directories into which I will place files that
>>he
>>will upload later. The reason for this is (a) to organize so it is
>>individual by users, and (b) to avoid file name collision.
>>
>>The problem I am having is that no matter how I set the permissions for
>>the
>>"users" directory -- or even the one above that -- I cannot create a new
>>directory with the username.
>
> The OS user that apache / PHP are running as does not have OS privileges
> to create the directory.
>
> It may simply be hosting site policy that the Apache/PHP OS user
> does not have privileges to write files *ANYWHERE*. If you want
> to write something, stuff it in the database, put it on a user
> machine as a cookie, or forget about saving it. You FTP stuff in
> as a different OS user which does give you permission to write.
> This protects the web site against viruses and such. It can also
> be very annoying to customers like you who want to write files.
>
> If you want OS permissions to create a writable directory, I
> think you'll have to ask your host for it. You might be able
> to do it through the ShieldHost control panel, but I've never
> seen that, so I don't know how.
>
> Gordon L. Burditt

I guess I will have to right a "trouble ticket" to get that to happen.

Shelly

[Back to original message]