mike cardeiro wrote:

From: André Warnier <a...@ice-sa.com>


You should probably analyse your requirements carefully (as to exactly /why/ you want the script to run as that user).


I am creating a file transfer site.  When a user logs in they can upload a 
file, so I need the script to write the file to a directory that is not 
accessible by the webserver; when another user logs in they can retrieve the 
file.


Well, that's what I meant by analysing your requirements properly.
Presumably, your script is the one who accepts the file upload, and writes the file to some directory. Assuming that the script runs under the Apache user-id (the default), that script can still write to any directory outside the Apache document_root, as long as that directory is writeable by the Apache user-id.
Since that directory is outside the document_root, Apache by itself cannot 
access it.

To allow some people to retrieve the files, all you then need to do is to provide another script that can read that same directory and send a file back to the user. None of that really requires Apache to run your scripts as another user (which is difficult to achieve and full of potential security holes).

Now, as long as we're there, what happens in your application if two people upload a file with the same file name?

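The approach described in the reply above, as an added example that is not part of the original thread: one function for the upload script and one for the download script, both working in a directory outside the document root, with a server-generated id per file so that two uploads with the same file name cannot collide. The function names, the JSON sidecar file and the use of Python are assumptions; checking the login and deciding who may retrieve which id is left to the calling script.

```python
import json
import os
import re
import secrets
import tempfile

ID_RE = re.compile(r"[0-9a-f]{32}")  # the only shape of id this code ever issues


def store_upload(storage_dir, client_name, data):
    """Upload side: save data under a server-chosen id and return that id."""
    # The client's file name is kept as display metadata only, never used as a path.
    display_name = os.path.basename(client_name.replace("\\", "/")) or "unnamed"
    while True:
        file_id = secrets.token_hex(16)
        path = os.path.join(storage_dir, file_id)
        try:
            # O_EXCL makes creation fail rather than overwrite an existing file.
            fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        except FileExistsError:
            continue  # id already taken, draw another one
        break
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    with open(path + ".json", "w", encoding="utf-8") as meta:
        json.dump({"name": display_name}, meta)
    return file_id


def fetch_upload(storage_dir, file_id):
    """Download side: return (display_name, data) for an id issued above."""
    # Rejecting anything that is not a bare hex id keeps the path inside storage_dir.
    if not ID_RE.fullmatch(file_id):
        raise ValueError("malformed file id")
    path = os.path.join(storage_dir, file_id)
    with open(path + ".json", encoding="utf-8") as meta:
        name = json.load(meta)["name"]
    with open(path, "rb") as f:
        return name, f.read()


def demo():
    # Constructed sample: two users upload different content as "report.txt".
    # The temporary directory stands in for a directory outside document_root
    # that is writable by the Apache user-id.
    with tempfile.TemporaryDirectory() as storage_dir:
        a = store_upload(storage_dir, "report.txt", b"from alice")
        b = store_upload(storage_dir, "../../report.txt", b"from bob")
        return a != b, fetch_upload(storage_dir, a), fetch_upload(storage_dir, b)


if __name__ == "__main__":
    print(demo())
```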