Permissions and PHP

Forum Moderators: bakedjake

Message Too Old, No Replies

Permissions and PHP

Any way around it?

ahmedtheking

3:22 pm on May 21, 2007 (gmt 0)

This post is quite broad so apologise if this is the wrong place. A client of mine has an Xserve (mac web server) running PHP 5 and Apache and so on. Now, he has placed for additional RAID drives for extra storage. When he uploads files to those drives as the logged in user via AFP, PHP can't read it because the files are under a different group to PHP's. Now, when I upload files as root, PHP can read and execute those files.

Is there a way to allow PHP to read those files that the root uploaded or do I have to run a CHGRP before PHP can touch those files? Is there a setting I can change or to regroup PHP?

wheel

4:56 pm on May 21, 2007 (gmt 0)

When you say 'php can't read the files', that seems like one of two possibilities. Either it's not a permission's problem (doubt it) or it's not php that's the problem - it's the user who's executing the php program. Small clarification, but important.

if you're uploading the files as apache, and php is running from an apache process it seems like they would be the same user (both apache) so permissions shouldn't be an issue.

Anyway, that's a lot of vagueness to say that I think you need to set apache and whatever user is running the php program to be the same 'group'. Look at the users, not the files or the programs.

(the other alternative is that the ftp program that's doing the uploading isn't setting the permissions correctly - I think this would be changed through settings in the ftp program).

ahmedtheking

10:13 pm on May 21, 2007 (gmt 0)

Well PHP and Apache are in the same 'WWW' group. It's that the user is uploading as the actual root computer user. It's weird. Even though the web sites are uploaded by the same user, it seems that PHP reports that there's a perms problem when it tries to read them. Would it be worth adding the root using into the WWW group? Or is that a huge NONO?

wheel

9:58 pm on May 22, 2007 (gmt 0)

The user shouldn't be uploading as root. What I would probably try next is setting up a user in the same group as apache then using that user to upload.

Actually, that's not what I would try next. What I would do is have the user upload via something like ftp or similiar, where the program doing the uploading has the correct permissions.

ahmedtheking

10:03 pm on May 22, 2007 (gmt 0)

Yeah that's what I did and it's all working now.