Writing to files, security, and chmod 777.

[wyrd33]

Okay, I have a script that creates files and writes to them in a specific folder. However, I have to chmod 777 the folder for it to work. This is insecure, obviously. The reason for this, using system("whoami"), returns "nobody". Thus, the script isn't executing under my username, it's executing from the web, which is nobody. I guess this is obvious and typical.

What I'm looking for is a way to run the script as myself, so I do not have to insecurely chmod 777 the directory. I would like to keep it 755 and have a secure, safe web site (well, as safe as I can make it, anyway).

How can I accomplish this? Will executing the script with a cronjob work? If I run system("whoami") from a cronjob will it show up as my username rather than "nobody"?

I can't think of any other ways to get around this. I really, really don't want to chmod 777 a directory.

[k.soule]

Using the chmod() function in PHP means that the server itself is changing the permissions of the directory; PHP is parsed by the server, this is the most secure method than you can choose, in my opinion.

[wyrd33]

I think you misread my post. I'm not talking about chmod() the PHP command.

[fooDigi]

i believe anyone who accesses this via the web is using a general user account created by the admin. anything that is created by the web user inherits the permissions. correct me if im wrong.