Re: [cobalt-developers] PHP and creating a file

["Steve Werby" <steve-lists@xxxxxxxxxxxx>]

"P Lindsey" <paul@xxxxxxxxxxxxx> wrote:
> Im having a problem creating a file in php. when i try to create it it
says
> permission denied

If PHP is running as an Apache module it runs as the same user that the
webserver runs as.  Unless you make directories world-writable (002) then
PHP won't be able to write to those directories.

> Is it a security risk to create a directory and chmod it
> to 777 and house about 600 scripts in there?

That depends who has access to the server and how much you trust these
people.  Anyone with shell access will be able to write to the scripts and
change their behavior and create files in that directory.  The share number
of scripts doesn't really matter.

> I have to install a lot of
> scripts automatically and i so i need to create files and copy them but
into
> a secure environment. Any help would be appreciated.

As an alternative you may want to install a second copy of PHP as a CGI.
Then you can create scripts that run with the privileges of the owner of
each script.  If you have scripts owned by the site owner the scripts will
be able to write to a directory without making it world-writable.  I suggest
spending a few hours reading through the archives for the PHP mailing list.
See http://marc.theaimsgroup.com/?l=php-general.  Search for combinations of
fwrite, permissions, security, upload, etc.  Your situation is not Cobalt
specific and I'm a firm believer in using the right tools for the job.  In
this case it's the PHP mailing list.  :-)

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/