|
Posted by Gordon Burditt on 10/21/82 11:42
>>>I had a nice php application running on my server here at home, and I
>>>uploaded it to a shared public type server and it started to break all
>>>over the place. It turns out that some scripts required higher
>>>permissions that others, but I can't figure out what the difference is.
>>
>>
>> What kind of permissions? File permissions or database permissions?
>> And what kind of database is it? MySQL?
>
>I'm talking about file permissions 644, 744, etc. The database is mySQL.
>I'm sorry if I didn't provide enough detail. I was hoping to get some
>general principals as to what file permissions were required by php
>scripts performing different tasks.
>>
>>
>>>They all read from the database. Some write to the database, but not
>>>all the ones that require higher permissions do.
>>
>>
>> Do some of them write to *FILES*?
>
>There's some pdf file creation and text file creation on the fly, but
>they're not stored on the server. They're just delivered to the user.
>There's no writing to external files, and there's only reading from
>includes.
>
>>
>>
>>>I don't understand
>>>what it is about some scripts that require execute permissions while
>>>other do not.
>>
>>
>> Generally, programs that are executed as CGIs or as program from
>> PHP exec or from shell commands need (file) execute privilege. Web
>> pages including PHP web pages) don't.
>
>This hosting service runs php in cgi mode. Could that be an issue?
If PHP is run in cgi mode, then PHP itself must be executable,
and you might have either setup:
(1) Apache with suexec: your CGIs run as the same user as the
files you FTP in or
(2) Apache without suexec: your CGIs run as the apache user which
is not the same as the files you FTP in.
These are quite different from each other. (1) is probably more
like your home system.
>>>And I don't really understand who at the server is the
>>>owner and who is the group and who is the world.
>>
>>
>> In a common setup, Apache and PHP run as The Apache User in The
>> Apache Group (under whatever names they are called). When you FTP
>> stuff in, it is owned by Some Schlep User in the Schlep User's
>> Group, which are different from The Apache User and The Apache
>> Group. So generally, the 'world' permissions are the ones relevant.
>> Files and directories created by PHP are, however, owned by The
>> Apache User and The Apache Group.
>>
>
>Oh. So, that's a difference between here and the hosting service.
>
>>
>>>And last why did all
>>>these scripts work with 644 on my server here even for people accessing
>>>it from outside the LAN and what's different about the server farm?
>>
>>
>> You haven't proved that this is the case. In any case, on YOUR
>> server, maybe the script files and the user running the web server
>> are the SAME.
>
>Yes, that is the case.
>
>>
>>
>>>Could someone shed some light on this? I'd really appreciate it.
>>
>>
>> You haven't given anywhere near enough detail to do that.
>
>Some PHP scripts run OK at 644 while others require 755. These are all
What error messages do you get when you violate this? How do you
know some scripts require mode 755?
>simple select, insert, and delete routines with some ajax thrown in for
>good measure. If I compare the functions of the scripts I cannot see
>any thing different about them. This is MySQL 4.1.15 and php 4.4.1. What
>more detail can I provide?
Gordon L. Burditt
[Back to original message]
|