I'm in the process of switching a client's site to a new host. Host 1 uses Apache 2.0x, php 5.2, mysql 5. I have the pertinent directories' permissions set to 751 and it works great.
When I moved the site to the new host (using Apache 2.2x, php 5.2, mysql 5), only 777 allows the users to upload files to the same directories.
I won't make this site live until I can use a more strict set of permissions. Any idea why anything but 777 won't work on the new server?
Thanks,
-chris
It's needed because when PHP is run as an Apache module, the scripts are run under the Apache user (often called 'nobody'), not under the user who owns the script file. One partial solution is to create a user group that contains just your personal user account and the Apache user. Then set the directory permission to 770. This is a "partial" solution if you are on a shared host, since anyone else who can run PHP scripts (or anything else that runs under the Apache user) could still access those directories via their scripts.
Thanks for the note. We moved our site to a virtual dedicated server and had installed php as an Apache module. We were actually able to run the scripts by user accounts by installing the suPHP module onto the server.
So if anyone runs into this again, remember to install the suPHP module onto Apache and you should be able to gain the usefulness of running PHP as CGI while preserving the security benefits of running it as a module.
