wyrd33 Posted March 9, 2006 Share Posted March 9, 2006 Okay, I have a script that creates files and writes to them in a specific folder. However, I have to chmod 777 the folder for it to work. This is insecure, obviously. The reason for this, using system("whoami"), returns "nobody". Thus, the script isn't executing under my username, it's executing from the web, which is nobody. I guess this is obvious and typical.What I'm looking for is a way to run the script as myself, so I do not have to insecurely chmod 777 the directory. I would like to keep it 755 and have a secure, safe web site (well, as safe as I can make it, anyway).How can I accomplish this? Will executing the script with a cronjob work? If I run system("whoami") from a cronjob will it show up as my username rather than "nobody"?I can't think of any other ways to get around this. I really, really don't want to chmod 777 a directory. Quote Link to comment Share on other sites More sharing options...
k.soule Posted March 10, 2006 Share Posted March 10, 2006 Using the chmod() function in PHP means that the server itself is changing the permissions of the directory; PHP is parsed by the server, this is the most secure method than you can choose, in my opinion. Quote Link to comment Share on other sites More sharing options...
wyrd33 Posted March 10, 2006 Author Share Posted March 10, 2006 I think you misread my post. I'm not talking about chmod() the PHP command. Quote Link to comment Share on other sites More sharing options...
fooDigi Posted March 10, 2006 Share Posted March 10, 2006 i believe anyone who accesses this via the web is using a general user account created by the admin. anything that is created by the web user inherits the permissions. correct me if im wrong. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.