Problem: I am attempting to read the contents of a directory on a remote server that is not within the web root using a webpage interface. FTP has been disabled on both servers.
I have been attempting to use rsync with the -n option (dry run) to ssh into the remote server to read the contents of the remote directory, however, when I execute my script from a web browser it is run as the web user and not the user that I have the ssh auth keys set-up for. For obvious security reasons I do not want to setup auth keys for my web user, but would rather simply have my php script (which allows no user input) run as its owner (which I do have auth keys for).
So far I've attempted to set the file permssions with 4755, but haven't met with any success. Two more options that I'll be exploring is setuid, however, I'm not really sure of the security issues involved with that. I've also been told to look into susexec for apache...
Any one run into this problem before and/or have another solution?
Travis
