You *CAN* do that with PHP as CGI wrapped with suexec... But you lose performance, and you'll have to convince the ISP to install that as a second mime-type with a different extension... They'll need to read the suexec docs at http://apache.org first and foremost. (Doing suexec incorrectly is quite dangerous)
Other option is to chown or chmod the files to allow nobody to do what nobody needs to do -- Of course, that opens those files up for any other users on the shared server to mess with, and it's probably easier for an external hacker to gain "nobody" access than a real user. Safety is relative. How critical are these files, and how much do you trust fellow users on a shared resource web-server? You could also write some world-executable shell scripts that provide "nobody" with very specific actions they can do to/with the files -- You want to write that script as limited and carefully as possible so that *ONLY* the things you want to happen can happen. Bottom line: Unless you go hard-core with suexec, anything you set up can be figured out and potentially abused by any fellow users on the ISP. -- WARNING [EMAIL PROTECTED] address is an endangered species -- Use [EMAIL PROTECTED] Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm Volunteer a little time: http://chatmusic.com/volunteer.htm ----- Original Message ----- From: Gerard Samuel <[EMAIL PROTECTED]> Newsgroups: php.general To: PHP <[EMAIL PROTECTED]> Sent: Thursday, October 04, 2001 7:24 PM Subject: php, files, ownership....(was file manipulation) > Ok, I found out what was causing some of the people who were using my > script and have it fail. They are on a shared server and apache is > being run as user nobody, so therefore the script is being run as > nobody. But the the files has to have user ownership foo foo. Is it at > all possible to have a script run as one user and create files as > another. Dont know if it is even safe?? > Or could you point me in another direction? > Thanks > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
