Owner or other; permissions for webpage users

I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I
have no real idea how these apply to webpage users under PHP. I know that if I FTP to the
server I am the owner, and I think that if I, or anyone else, opens one of my webpages I
am 'other'.

However what I would like to do is assign certain users, who have logged in through a
security portal, to 'group', so that they (but not 'others') have permission to write to
data files on the site.

Can this be done with PHP?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Owner or other; permissions for webpage users

On Wed, Feb 10, 2010 at 2:51 PM, wrote:
> I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I
> have no real idea how these apply to webpage users under PHP. I know that if I FTP to the
> server I am the owner, and I think that if I, or anyone else, opens one of my webpages I
> am 'other'.

Almost right. It's UGO, User Group and Other.

When you view a PHP page, it's (usually) served by Apache, the process
will be owned by a user, usually 'apache'; who is also a member of a
group, usually 'apache'. On some systems these users/groups can be
'httpd', 'www-data' etc. When you or I look at a PHP file served from
Apache, there is no concept of users/groups/others outside those that
apply to the Apache process that served the data.

> However what I would like to do is assign certain users, who have logged in through a
> security portal, to 'group', so that they (but not 'others') have permission to write to
> data files on the site.

It's a seperate thing, because once again inside PHP there is no
concept of users/groups outside the Apache process itself. It would be
up to your PHP code to manage who has access to what, the files will
all be read from and written to disk by the Apache process.

HTH.

Cheers

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Owner or other; permissions for webpage users

On Wed, 10 Feb 2010 16:08:42 +1030, james.mclean@gmail.com (James McLean) wrote:

>On Wed, Feb 10, 2010 at 2:51 PM, wrote:
>> I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I
>> have no real idea how these apply to webpage users under PHP. I know that if I FTP to the
>> server I am the owner, and I think that if I, or anyone else, opens one of my webpages I
>> am 'other'.
>
>Almost right. It's UGO, User Group and Other.
>
>When you view a PHP page, it's (usually) served by Apache, the process
>will be owned by a user, usually 'apache'; who is also a member of a
>group, usually 'apache'. On some systems these users/groups can be
>'httpd', 'www-data' etc. When you or I look at a PHP file served from
>Apache, there is no concept of users/groups/others outside those that
>apply to the Apache process that served the data.
>
>> However what I would like to do is assign certain users, who have logged in through a
>> security portal, to 'group', so that they (but not 'others') have permission to write to
>> data files on the site.
>
>It's a seperate thing, because once again inside PHP there is no
>concept of users/groups outside the Apache process itself. It would be
>up to your PHP code to manage who has access to what, the files will
>all be read from and written to disk by the Apache process.

Thanks. So it is as I feared, and if I want any file to be editable under any
circumstances, I have to give write access to 'others'.

It is a little surprising that PHP has not made any provision for manipulating users write
permissions, as this could provide a little extra protection from malicious users.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Owner or other; permissions for webpage users

--=-qXDExTMQz2d2uSCDUfo9
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

On Thu, 2010-02-11 at 17:01 +1100, clancy_1@cybec.com.au wrote:

> On Wed, 10 Feb 2010 16:08:42 +1030, james.mclean@gmail.com (James McLean) wrote:
>
> >On Wed, Feb 10, 2010 at 2:51 PM, wrote:
> >> I'm basically familiar with the UNIX permissions - 'owner', 'group', or 'other', but I
> >> have no real idea how these apply to webpage users under PHP. I know that if I FTP to the
> >> server I am the owner, and I think that if I, or anyone else, opens one of my webpages I
> >> am 'other'.
> >
> >Almost right. It's UGO, User Group and Other.
> >
> >When you view a PHP page, it's (usually) served by Apache, the process
> >will be owned by a user, usually 'apache'; who is also a member of a
> >group, usually 'apache'. On some systems these users/groups can be
> >'httpd', 'www-data' etc. When you or I look at a PHP file served from
> >Apache, there is no concept of users/groups/others outside those that
> >apply to the Apache process that served the data.
> >
> >> However what I would like to do is assign certain users, who have logged in through a
> >> security portal, to 'group', so that they (but not 'others') have permission to write to
> >> data files on the site.
> >
> >It's a seperate thing, because once again inside PHP there is no
> >concept of users/groups outside the Apache process itself. It would be
> >up to your PHP code to manage who has access to what, the files will
> >all be read from and written to disk by the Apache process.
>
> Thanks. So it is as I feared, and if I want any file to be editable under any
> circumstances, I have to give write access to 'others'.
>
> It is a little surprising that PHP has not made any provision for manipulating users write
> permissions, as this could provide a little extra protection from malicious users.
>
>


You can manipulate users write permissions if you're the owner of a
file, but what you're asking is to manipulate the user under which PHP
is running dynamically. As users and permissions is so integral to the
safe working of the system, this would be no easy feat for something
that you should be easily able to tackle with some PHP ingenuity.

Thanks,
Ash
http://www.ashleysheridan.co.uk



--=-qXDExTMQz2d2uSCDUfo9--