Re: re[4]: [Phpwebsite-developers] Security

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

A bit of clarification on all of this...

Having shell access makes life easier, and the working assumption has
always been that you own your web server and have root access to the
system. Security is *always* a relative proposition and we have done
everything we can in order to keep phpWebSite as locked down as possible.
Developing from this frame of reference allows us to develop the most
secure software we can. Does this mean that you can't run phpWebSite in a
hosted environment or that doing so is a 'living hell'?

No.

Hopefully the following should help those in a hosted environment sort
this out.

Anytime phpWebSite writes a file (i.e. the initial creation of the config
file) the web server has to have permission to write to the file system.
Note that the web server runs as a user, typically the user 'apache'.
Therefore any directory that phpWebSite writes to needs to be flagged as
writable for the that user. NOTE: This has not changed from version 0.8.x
- this is all about web servers and file systems! The workaround for this
in 0.8.x if you did not have root access via the shell was to flag the
image directories 777 (writable by everyone) so the web server could write
the image files. The more secure recommendation in the 0.8.x versions was
to have the image directories be flagged as writable by the user 'apache'
only.

The point here is that the issue here is all about directory permissions
and the fact that whenever phpWebSite does *anything* it is acting as the
user that the web server runs as - typically the user 'apache' or
'nobody'. This has not changed from 0.8.x.

0.9.x does more 'neat' things that require that the web server have rights
to write to the file system. The shell scripts exist (in root and non-root
versions I might add) to make flagging these permissions easier. In cases
where flagging a directory with liberal rights is potentially problematic
we have gone out of our way (as Matt pointed out) to accommodate those who
cannot flag these permissions. In case such as the config file the file
can be uploaded via ftp since the web server need only to have read
rights. A small inconvenience.

It should also be noted that the above is true for *ANY* PHP script. The
script runs and acts as the user under which the web server runs. *Any*
time ANY script interacts with the file system these permission issues
exist.

Thanks,
Brian

--
Brian W. Brown
Director, Electronic Student Services
Room 269, John Thomas Hall
Appalachian State University
Boone, NC 28608

vox: 828-262-7124

http://ess.appstate.edu/
http://phpwebsite.appatate.edu/