Welcome to the JaguarPC Community
JaguarPC
Sales: (888) 338-5261
Support: (888)-551-3050
Results 1 to 4 of 4

This is a discussion on shell command chgrp usage restrictions in the Shared & Semi-Dedicated forum
Hi all, Sorry for my poor english... I'd like to use the CMS Typo3 on my site, but the PHP scripts need to write to ...

  1. 11-03-2003, 08:01 AM #1
    Denest
    Denest is offline
    JPC Member
    Join Date
    Nov 2003
    Posts
    5

    shell command chgrp usage restrictions

    Hi all,

    Sorry for my poor english...

    I'd like to use the CMS Typo3 on my site, but the PHP scripts need to write to some config files. I had to use chgrp to change the group of a subdir to apache (or whatever the httpd uses) but I can't.
    The command:
    chgrp apache typo3_src-3.5.0
    The output
    chgrp: changing group of `typo3_src-3.5.0': Operation not permitted

    How should I permit the PHP scripts to write to this subdir?
    Should I permit everybody write permission? I don't like to do so...

    Someone professional please help.

    Thanks!

    Tom
    Reply With Quote Reply With Quote
  2. 11-03-2003, 08:09 AM #2
    gerilya
    gerilya is offline
    Jag Veteran
    Join Date
    Sep 2002
    Posts
    650
    First, make sure that webserver is running under groupname 'apache' on your server, because it is usually "www" or "nobody".
    Second, if you are concerned about security, then stop worrying Technically speaking, there is not much difference between letting apache to write to your directory and making that directory world-writable. This is because other users can execute scripts as apache's user/group id just like you can.
    Reply With Quote Reply With Quote
  3. 11-03-2003, 11:48 PM #3
    Denest
    Denest is offline
    JPC Member
    Join Date
    Nov 2003
    Posts
    5
    Thanks! So do you say that there is no risk if I set the permissions to 777 on such dirs?
    Anyway I opend a ticket and support wrote me that they can set the group of any dir to nobody (the group of apache) if I ask them for it. But if there is no risk in the other case I will use that method.
    Reply With Quote Reply With Quote
  4. 11-04-2003, 03:29 AM #4
    gerilya
    gerilya is offline
    Jag Veteran
    Join Date
    Sep 2002
    Posts
    650
    Originally posted by Denest
    Thanks! So do you say that there is no risk if I set the permissions to 777 on such dirs?
    No, I am saying exactly the opposite, sorry if my suggestion to "stop worrying" was misleading :-)
    In terms of security, it is not advisable to allow a 3rd party write access to your space, either by making the directory world-writable or by making the directory writable by a user/group id which is 'shared' among different users on the server.

    But you need it to be writable for your application to work and you most probably don't want to pay for the dedicated server, so just do it writable. Either way is fine, the 'risk' is exactly the same in both cases.

    I would go with "chmod 757 directory" option rather than changing ownership, because this way you don't depend on anyone to make the changes for you.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules