|
Posted by Richard Lynch on 03/03/05 00:15
Vaibhav Sibal wrote:
> The scenario is, I made a login interface wherein i accept usernames
> and passwords from users and after comparing them to a database I log
> them in. The server runs Linux Fedora Core 2. Now I want to know
> whether there can be a scenario wherein I can make the logged in user
> have access to files of which he/she is the owner of or the file
> belongs to a group whose membership he/she has. Is this possible ?
> because as far as my knowledge goes, its only possible to give access
> to users to specific files if the user logs in to a particular shell.
> Please provide some help on this if you can. Thanks in advance !
You could compare their username that you are using to the username in
/etc/passwd and compare that to http://php.net/fileowner
If you control both /etc/passwd and the database, and have the usernames
synchronized, you could write your PHP script so that people can only
"see" or "read" the files owned by them.
With a bit more effort, you could also compare groups and group
permissions with http://php.net/filegroup
You would probably need http://php.net/exec and do something like:
$command = "groups $username";
to find out what groups the user is a member of, and then go through
/etc/passwd to find out the group IDs and compare those to the output of
'filegroup'
So it *could* be done, but it will be a bit of work.
You may want to Google for "PHP fileowner filegroup" or similar and see if
there's an existing script out there for it.
http://phpclasses.org should be searched in particular.
--
Like Music?
http://l-i-e.com/artists.htm
[Back to original message]
|