On Sat, 21 Oct 2006 14:41:11 +1000, chris smith wrote:
On 10/21/06, Jochem Maas [EMAIL PROTECTED] wrote:
chris smith wrote:
On 10/21/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 23:24:14 +1000, chris smith wrote:
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED]
On Thu, October 19, 2006 1:49 pm, Tom Ray [Lists] wrote:
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
On a dedicated server, it's trivial to do it.
Look
On Fri, October 20, 2006 12:49 am, Chris wrote:
A shared user (like www or nobody) is a *much* bigger risk than
separate users.
*MUST* we go through all the permutations of What if... for these
two scenarios again?
The Risk cannot be evaluated outside the context of everything else
you do
On Fri, October 20, 2006 8:24 am, chris smith wrote:
php running through apache:
?php
mkdir('/path/to/dir');
?
Making that in a shared location will allow *any* domain to write to
it, read from it or delete it (forget about possible open_basedir
restrictions).
If 'nobody' can read/write
On Fri, 20 Oct 2006 15:49:14 +1000, Chris wrote:
Andy Hultgren wrote:
To whoever was asking this (sorry didn't see the original email):
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 15:49:14 +1000, Chris wrote:
Andy Hultgren wrote:
To whoever was asking this (sorry didn't see the original email):
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver?
On Fri, 20 Oct 2006 23:24:14 +1000, chris smith wrote:
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 15:49:14 +1000, Chris wrote:
Andy Hultgren wrote:
To whoever was asking this (sorry didn't see the original email):
Is it possible to have a PHP script
On 10/21/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 23:24:14 +1000, chris smith wrote:
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 15:49:14 +1000, Chris wrote:
Andy Hultgren wrote:
To whoever was asking this (sorry didn't see the
chris smith wrote:
On 10/21/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 23:24:14 +1000, chris smith wrote:
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
To my experience, apache (with PHP running as www-data or nobody or
whatever) will not be
On 10/21/06, Jochem Maas [EMAIL PROTECTED] wrote:
chris smith wrote:
On 10/21/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
On Fri, 20 Oct 2006 23:24:14 +1000, chris smith wrote:
On 10/20/06, Ivo F.A.C. Fokkema [EMAIL PROTECTED] wrote:
To my experience, apache (with PHP running
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
try suPHP :-)
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit:
Christian Heinrich wrote:
try suPHP :-)
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
Sounds like it could be a big security issue if not very
To whoever was asking this (sorry didn't see the original email):
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
I was recently exchanging on this list
Andy Hultgren wrote:
To whoever was asking this (sorry didn't see the original email):
Is it possible to have a PHP script execute as the user of the domain
instead of the webserver? So when I upload files through a PHP script
they are owned by me and not wwwrun or nobody?
I was recently
15 matches
Mail list logo