Hi Kevin, Just wanted to thank you for your help.
Figured out the problem -- it was partly permission problem (that you helped to solve). I tried a simpler script, testing to see whether I could simply write to a file. I could. It would even append. But back in the "graffiti.php" it still wouldn't recognize or pass the variable. I looked at phpinfo() output and noticed that: register_globals=off and register_argc_argv= off No wonder it wasn't passing the variable. The php.ini told it not to. Changed both to "on", and bingo - a working script! Thanks again, Andre On Sunday 10 February 2002 01:42, you wrote: > Andre, > > Yes, your problem is testing the script as root. As a rule of thumb, never > write scripts or test stuff as root. The root user should only be used > when you need to install something new, or perform system maintenance. > > Kevin > ----- Original Message ----- > From: "Andre Dubuc" <[EMAIL PROTECTED]> > To: "Kevin Old" <[EMAIL PROTECTED]> > Sent: Saturday, February 09, 2002 10:25 PM > Subject: Re: [newbie] Permissions: Nobody in Apache + PHP > > > Kevin, > > > > My tmp directory was set to drwxrwxr-t -- I changed it, as well as the > > graffiti.dat in /htdocs. The file in both /tmp and /htdocs was not > > apache: apache but root:root. Is this where the problem lies? I'm testing > > the > > script > > > while in root (Btw, I wrote it in root: I can't seem to get any script to > > work as user). > > > > Where would I find "errors in my browser"? > > > > Thanks for your advice! > > > > Andre > > > > On Saturday 09 February 2002 23:00, you wrote: > > > Andre, > > > > > > I copied the code and executed it and worked fine for me. > > > > > > Make sure your tmp directory is set like this > > > > > > drwxrwxrwt 4 root root 1024 Feb 9 16:41 tmp/ > > > > > > This is how the file was created > > > > > > -rw-r--r-- 1 apache apache 0 Feb 9 16:38 graffiti.dat > > > > > > Are you getting any errors back in your browser from PHP? > > > > > > Kevin > > > ----- Original Message ----- > > > From: "Andre Dubuc" <[EMAIL PROTECTED]> > > > To: "Kevin Old" <[EMAIL PROTECTED]> > > > Cc: <[EMAIL PROTECTED]> > > > Sent: Saturday, February 09, 2002 9:26 PM > > > Subject: Re: [newbie] Permissions: Nobody in Apache + PHP > > > > > > > Thanks Kevin, > > > > > > > > You're right it's a permission thing, but it doesn't make any > > difference > > > > sinc > > > > > > > I palced Grafiti.dat and graffiti.php in the same directory (htdocs). > > I > > > > also > > > > > > > tried it in /tmp, setting the permissions the same. No go. Since this > > is > > > > > a tutorial script, (PHP 101 - Part 5 from DevShed.com) I wonder if > > > > there's a mistake in it: the variable $graffiti does not seem to be > > > > defined except > > > > > > by > > > > > > > the name=graffiti function in the form section. > > > > > > > > My error log is a mess! Primary error: $graffiti not defined, and, > > > > no permission to grafiti.php. The script is simple and should work: I > > > > > > included > > > > > > > it below. If you would be so kind as to scan for errors (particularly > > for > > > > > $graffiti definition): > > > > > > > > <html> > > > > <head> > > > > <basefont face="Arial"> > > > > </head> > > > > <body> > > > > > > > > <?php > > > > // set the file name > > > > $filename = "/tmp/graffiti.dat"; > > > > > > > > // open the file > > > > $handle = fopen ($filename, "a+"); > > > > > > > > // write the string to the file handle > > > > fputs ($handle, $graffiti); > > > > > > > > // close the file > > > > fclose ($handle); > > > > ?> > > > > > > > > <form action=graffiti.php method=get> [I changed graffiti.php4 to > > > > php] <input type=text size=30 name=graffiti> > > > > <input type=submit name=submit value="Add your two bits!"> > > > > </form> > > > > > > > > <?php > > > > // Display current contents of file if available > > > > if (file_exists ($filename)) > > > > { > > > > echo "<b>Current graffiti reads: </b>"; > > > > readfile ($filename); > > > > } > > > > else > > > > { > > > > echo "File not found!"; > > > > } > > > > > > > > ?> > > > > </body> > > > > </html> > > > > > > > > Somehow, I think there's a boo-boo in here (but then again, I'm a > > newbie! > > > > :>) > > > > > > > > Tia, (and thanks for your help!) > > > > Andre > > > > > > > > On Saturday 09 February 2002 20:47, you wrote: > > > > > Andre, > > > > > > > > > > Yes, it has to be a permissions issue. Here's one thing that has > > > > > gotten > > > > > > me > > > > > > > > in the past. Make sure that the directory (and ones above it) for > > > > > grafitti.dat have the same permissions and are owned and grouped > > > > > exactly > > > > > > as > > > > > > > > grafitti.dat is. Try that and let me know what happens. Also, > > check > > > > your > > > > > > > > Apache error_log for error messages and they might help you > > > > > pinpoint the problem. > > > > > > > > > > As for your original question, nobody is just an ordinary user like > > any > > > > > > other. The only thing is that the nobody account is disabled so > > that > > > > > > nobody can log in in the normal way. The purpose of having such an > > > > > account is to limit the power of processes that run as this user > > > > > and > > to > > > > > > partition them off to some extent from other users although there > > seems > > > > > > to be something of a trend nowadays to run various services as > > > > > their own separate users (eg, in Debian: www-data for Apache, proxy > > > > > for squid, et al.) > > > > > > > > > > If you want to know why 'nobody' is not singled out as a specially > > > > > restricted user then I can only give you my explanation and I don't > > > > > know how authoritative that is. Firstly the Unix model says there > > are > > > > > > two types of users: superusers (uid=0) and ordinary users (uid!=0). > > > > > Many would argue that this approach is the reason Unix security is > > such > > > > > > a problem so the question of whether introducing a new users with > > > > > varying privileges would actually help or not would need to be > > > > > considered carefully. Perhaps the main reason why it hasn't been > > done > > > > > > so far is that there is little need. If you and I both have an > > account > > > > > > on the system, can I delete your files? Hopefully not -- unless > > > > > you have specifically given a group I am in this privilege (or, > > > > > heaven forbid, the dreaded 'other'). If you have private files > > > > > then > > hopefully > > > > > > you have set the permissions/umask appropriately hence I can't read > > > > > these either. Consequently, we are both unprivileged users and > > > > > only ourselves (or, more correctly, processes with our uid) can do > > > > > any damage to our files (unless permission is granted otherwise). > > > > > Hence use of the nobody limits the damage that can be done to > > > > > 'nobody': a user who owns virtually nothing and can only access > > > > > (read/write) > > files > > > > > > to which r/w permission has been granted to "other" -- how more > > > > > unprivileged could this be? (Perhaps rlimits could be permanently > > > > > enforced but in some ways perhaps this is the responsiblity of the > > > > > application process, not the user id it runs as.) As I said, this > > is > > > > > > just my opinion and someone else can probably provide a better > > answer. > > > > > > :) > > > > > > > > > > Hope this helps, > > > > > Kevin > > > > > ----- Original Message ----- > > > > > From: "Andre Dubuc" <[EMAIL PROTECTED]> > > > > > To: <[EMAIL PROTECTED]> > > > > > Sent: Saturday, February 09, 2002 2:14 PM > > > > > Subject: [newbie] Permissions: Nobody in Apache + PHP > > > > > > > > > > > Finally, I have working copies of Apache 1.3.22 and PHP 4.1.1 on > > my > > > > LM8.0 > > > > > > > > > box. Apache has been set up with "nobody' permissions, and I > > > > > > write > > > > > > test > > > > > > > > > scripts as root and place them in /home/web/apache/htdocs. > > > > > > > > > > > > I can read scripts from this directory, but I've tried to use: > > > > > > . . . excerpt . . . > > > > > > > > > > > > $filename = "/tmp/graffiti.dat"; > > > > > > $handle = fopen ($filename, "a+"); > > > > > > fputs ($handle, $graffiti); [I've also tried fwrite] > > > > > > fclose($handle); > > > > > > > > > > > > . . . followed by a form that takes $graffiti as input . . . and > > > > > > then > > > > > > a > > > > > > > > php > > > > > > > > > > > script that displays the contents of the appended $filename . . . > > > > > > > > > > > > And no matter what I try, nothing is written to "graffiti.dat" -- > > > > > > I've checked that it is writeable. Somehow, I think it's related > > to > > > > > > > permissions and the group "nobody". I've written the script as > > root, > > > > and > > > > > > > > > another as > > > > > > > > > > user. > > > > > > > > > > > Neither works. Apache (temporarily) is run at root -- I'm just > > > > > > learning > > > > > > > > > Apache and PHP -- this is a developmental setup, not connected to > > the > > > > > > outside. > > > > > > > > > > > If there are any gurus that can help me, I'd appreciate it. > > > > > > Permissions > > > > > > > > are > > > > > > > > > > > set otherwise to 755. > > > > > > > > > > > > I'm obviously not clear on the concept of "nobody" and how it > > affects > > > > > > running > > > > > > > > > > > of scripts. Who cn arun these, if it's set to "nobody"? > > > > > > > > > > > > Tia, > > > > > > Andre > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > Please pray the Holy Rosary to end the holocaust of abortion. > > > > > > Remember in your prayers the suffering souls in Purgatory. > > > > > > > > > > > > May God bless you abundantly in His love! > > > > > > > > > > > > For a free Cenacle Scriptural Rosary Booklet -- > > > > > > > > > > http://www.webhart.net/csrb/ > > > > ------------------------------------------------------------------------- > > > > > >- > > > > > > - > > > > > > > >- ---- > > > > > > > > > > > Want to buy your Pack or Services from MandrakeSoft? > > > > > > Go to http://www.mandrakestore.com > > > > > > > > ---------------------------------------- > > > > Content-Type: text/plain; charset="iso-8859-1"; name="message.footer" > > > > Content-Transfer-Encoding: 8bit > > > > Content-Description: > > > > ---------------------------------------- > > > > > > > > -- > > > > Please pray the Holy Rosary to end the holocaust of abortion. > > > > Remember in your prayers the suffering souls in Purgatory. > > > > > > > > May God bless you abundantly in His love! > > > > > > > > For a free Cenacle Scriptural Rosary Booklet -- > > > > > > http://www.webhart.net/csrb/ > > > > -- > > Please pray the Holy Rosary to end the holocaust of abortion. > > Remember in your prayers the suffering souls in Purgatory. > > > > May God bless you abundantly in His love! > > > > For a free Cenacle Scriptural Rosary Booklet -- > > http://www.webhart.net/csrb/ -- Please pray the Holy Rosary to end the holocaust of abortion. Remember in your prayers the suffering souls in Purgatory. May God bless you abundantly in His love! For a free Cenacle Scriptural Rosary Booklet -- http://www.webhart.net/csrb/
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com