tags:

views:

34

answers:

5
Q: 

Writing to a file in a directory that belongs to a different user using php

Hi,

I have a server that hosts several domains. From one of the domains, using a php script I want to be able to append a few lines to the .htaccess of other domains.

For example from masterdomain.com I want to append some lines to the .htaccess of otherdomain.com. So from a php file in /home/masterdomain/www/ I want to append a few lines to the .htaccess located at /home/otherdomain/www.

To do this I have written a shell script, when I run the shell script as root, it works but when running it via php, exec('./write_htaccess.sh') it's not working, nothing happends. I checked and there are no errors returned.

I have tried chmod u+s on write_htaccess.sh to try and make it run as root each time but that didn't work either, I might have set the s bit wrongly though.

How could I achieve this? Do I have to give php root priviledges, what would be the best way to do this?

A: 

How about adding php to sudoers and allow it to do just the one thing.

Kristoffer S Hansen  2010-10-08 10:46:06
A: 

PHP is probably being run by whichever user your web server is running under; I'm guessing when you say server you mean web server. On Red Hat or Fedora that is apache (unless you're using a different web server), other flavors of linux might use www or some other user. When you run your shell script from PHP it's being executed by the user apache. That user needs write permissions to the .htaccess file, or needs to be in a group with write access to the .htaccess file.

Try changing the .htaccess file's group ownership to apache (or whatever) and making it group writable. That avoids mucking about with sudo or setuid bits. Of course, it means anyone in that group can modify the .htaccess file.

mazianni  2010-10-08 13:10:28
The problem is that many of those .htaccess don't yet exist, and I don't want to manually create them since I have well over 100 domains on this server.
b2238488  2010-10-08 13:26:16
You could make sure the web server user has write permissions (either directly or through group ownerships) to each directory and have your write_access.sh script create the .htaccess file if it doesn't exist. I think you want to be wary of giving up too many permissions though, it's a security risk. You definitely should read up on protecting the .htaccess file. Depending on what you're trying to accomplish there's probably a different way of doing it, maybe something that doesn't require loosening permissions so much.
mazianni  2010-10-08 15:00:45
A: 

You can connect to sftp/ftp/ssh with php and authenticate as the user which files you are trying to edit.

Sander Backus  2010-10-08 14:12:27
A: 

Bash (and other shells) invoke other commands as the real user id not the effective user id - hence the 's' flag has no effect. Invoke the program using sudo and it should work as expected, or setup the script to run from [x]inetd (with appropriate access controls).

symcbean  2010-10-08 15:06:45
A: 

Can you make the file group-writable, and add both users to the same group?

dj_segfault  2010-10-08 15:48:59

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases