Permissions &amp; File Management

Permissions & File Management

Anon

I've been trying to get a file management script to work for a long time, but am stuck at an awkward point. The script will not run successfully unless the folder/files it is manipulating are set to chmod 777; this is really not cool (security-wise). In ASP, there are objects you can use that enable your script to impersonate a user (ie, the admin) so that they can manipulate the file system. Is there a way to do something like that in PHP? Again, I want to upload, delete, and rename files in a folder without making the permissions on those files (or folder) 777.

PS. I have the file manipulation script itself set to 755.

[deleted]

Ah, lovely ASP. Built in ways of F-ing up security. sheesh.

Have a look at a utility called SUDO.
That will give you limited permission to impersonate any other user.
That user can determine which commands you may run under their ID, and what actions you are allowed to take while using their ID.

Note, it is NOT a good idea to use this over the internet.
Why? because if you are running the scrips through a webserver, you will need to give the webserver access to the files, which means that suddenly ALL scripts get potential access to the files, which is a bit like asking a Bill C. to look after your intern while you grab a cup of coffee.

Anon

Thx - will look into that.