Posted by Gordon Burditt on 11/18/10 11:41

>I had a nice php application running on my server here at home, and I
>uploaded it to a shared public type server and it started to break all
>over the place. It turns out that some scripts required higher
>permissions that others, but I can't figure out what the difference is.

What kind of permissions? File permissions or database permissions?
And what kind of database is it? MySQL?

>They all read from the database. Some write to the database, but not
>all the ones that require higher permissions do.

Do some of them write to *FILES*?

>I don't understand
>what it is about some scripts that require execute permissions while
>other do not.

Generally, programs that are executed as CGIs or as program from
PHP exec or from shell commands need (file) execute privilege. Web
pages including PHP web pages) don't.

>And I don't really understand who at the server is the
>owner and who is the group and who is the world.

In a common setup, Apache and PHP run as The Apache User in The
Apache Group (under whatever names they are called). When you FTP
stuff in, it is owned by Some Schlep User in the Schlep User's
Group, which are different from The Apache User and The Apache
Group. So generally, the 'world' permissions are the ones relevant.
Files and directories created by PHP are, however, owned by The
Apache User and The Apache Group.

Some setups run CGIs as the user involved (using Apache suexec) but
this generally doesn't work well with PHP being used as a module.

>And last why did all
>these scripts work with 644 on my server here even for people accessing
>it from outside the LAN and what's different about the server farm?

You haven't proved that this is the case. In any case, on YOUR
server, maybe the script files and the user running the web server
are the SAME.

>Could someone shed some light on this? I'd really appreciate it.

You haven't given anywhere near enough detail to do that.

Gordon L. Burditt

[Back to original message]