Wierd Thing With Chmod

[impleri]

Greetings,

i've been with TCH since June (i believe) and haven't had this problem before...

After i updated my copy of Mambo today (www.impleri.net), i tried to install a template and discovered that it was listing certain directories as being unwriteable. So, i checked the CHMOD stuff and those directories were CHMODed to 775, so it shouldn't have been a problem. So, i went to the configuration to check it out and it too was unwriteable, even though it's CHMOD was the standard 644.

Odd...so i checked another installation i have (demo.impleri.net) and discovered that it too now saw certain directories as unwriteable, when they were perfectly writeable 6 weeks ago when i last touched the files. Does anyone have any clue why this would be?

[TweezerMan]

As Mambo is a PHP script, it runs as the user 'nobody'. In order for it to create and delete files in a directory (one that you own), the directory permissions must be set to 0777, and file permissions on a file that you own must be 0666 in order to modify the file. 0775 directory permissions and 0644 file permissions would not be sufficient to allow Mambo to create/modify/delete files.

[impleri]

Did this recently change? i didn't have this problem 6 weeks ago...?

[TweezerMan]

The behavior of PHP scripts on the server has not changed. I'd suspect that your file and directory permissions were somehow changed from what they were 6 weeks ago.

[ManfredJung]

As Mambo is a PHP script, it runs as the user 'nobody'.  In order for it to create and delete files in a directory (one that you own), the directory permissions must be set to 0777, and file permissions on a file that you own must be 0666 in order to modify the file.  0775 directory permissions and 0644 file permissions would not be sufficient to allow Mambo to create/modify/delete files.

<{POST_SNAPBACK}>

 

Thanks for this insight. I am struggeling with exactly the same problem. Allow me a couple of questions.

 

Why is mambo running as user nobody? Why does it not runn under my username? It is after all my account. Should php or Apache not know that the script is owned by the user who uploaded it?

 

Second question would setting everything to 777 and 666 not compromize security? Would that not mean that anyone can read write and execute in these directories?

 

Sorry if I just display my ignorance. But calling the ISP on a houerly rate when I install and remove mambo components is not nice and i like to find a solution to this problem.

 

Thanks for any help you can give.

Regards Manfred

[TCH-Bruce]

Welcome to the forums Manfred.

 

As David said, PHP runs on the server as user "nobody".

 

Setting everything to 777 and 666 will indeed leave you open to security risks.

[TweezerMan]

Welcome to the forums, Manfred!

 

Why is mambo running as user nobody? Why does it not runn under my username? It is after all my account. Should php or Apache not know that the script is owned by the user who uploaded it?

<{POST_SNAPBACK}>

Running PHP scripts under your user ID requires configuring the web server to use phpsuexec to run them. From what I understand, phpsuexec is not used on TCH servers as some features of PHP don't work with phpsuexec enabled, and it can also result in breaking a number of PHP scripts.

 

Second question would setting everything to 777 and 666 not compromize security? Would that not mean that anyone can read write and execute in these directories?

<{POST_SNAPBACK}>

Yes, this does weaken security in your account. In this case, 'anyone' would be any other user with an account on the same server as you (other TCH customers on your server). I don't believe there is any significant risk from the other customers on your server. The main threat is from hackers exploting a vulnerable script in another user's account, then being able to access your files and directories that have 0666/0777 permissions.

 

Your main defenses here are 1) only set 0777 directory / 0666 file permissions on directories and files that require it, and 2) make and keep regular backups of your account, so if your files are tampered with, they can be easily restored.

 

Sorry if I just display my ignorance. But calling the ISP on a houerly rate when I install and remove mambo components is not nice and i like to find a solution to this problem.

<{POST_SNAPBACK}>

If it's just a permissions problem, you could use a PHP script to set/change permissions on files and directories that are owned by 'nobody' (since you aren't able to set them via an FTP program or CPanel's File Manager).

[TCH-Don]

Welcome to the forums, Manfred

 

You are lucky that your ISP lets you run php

most just give you plain web space.

 

Mine won't even let me use ftp with my included web space,

so I do not even use it.

Of course no biggy since I have all the features I need here.

[TCH-Thomas]

Welcome to the forum, Manfred.

[stevevan]

Sorry...I can't offer any advice other than what has already been said! (And quite well, too!)

 

Welcome to the forums!

[Paul_Ecuador]

I have a similar problem: Installed mambo, uploaded a couple of componentes, and later, I can not delete some directorioes or even upload files to these directories using the CPanel file manager or via FTP.

 

Any ideas?

 

Regards

 

the website is:

 

Edit by TCH-David: URL removed

 

(sorry, no domain pointed there yet)

Edited October 27, 2005 by TCH-David

[TCH-Bruce]

I have an idea, the script used to create those directories are not owned by you so you cannot delete them.

 

Please open a help desk ticket and they can remove them or change ownership for you.

[TweezerMan]

the website is:

 

Edit by TCH-David: URL removed

 

(sorry, no domain pointed there yet)

The server address is only supposed to be used while your domain propogates (initial setup of your account). It is against TCH policy to direct traffic through the server domain name in any way. You must have all traffic go through the domain name that you have established with your account.