Gossamer Forum
(Advanced Search)
for
Home : Products : Gossamer Links : PHP Front End :

safe_mode and uploading

Sep 20, 2002, 5:05 PM
genoshin
New User (2 posts)
Sep 20, 2002, 5:05 PM
Post #1 of 6
Views: 8116
Shortcut
Quote Reply
safe_mode and uploading
Good Day Folks,

I work at a webhosting company. Our SysAdmin has recently placed the

servers php.ini in safe_mode. All our customers have been bugging about

their image galleries. I'm not a php guru in any respect. As you may all well know,

since uploading through the web would make the owner.group of the file as nobody

or some UID, being in safe mode will cause your script owned by you to have problems.

Does anyone know of a way to upload in safe_mode while keeping your permissions.

Would running the upload in a perl script under a cgi-wrapper help?

Your inputs are always greatly appreciated.

Warmest regards.

-Geno
Sep 21, 2002, 1:27 AM
Andy
Veteran / Moderator (18441 posts)
Andy's avatar
Sep 21, 2002, 1:27 AM
Post #2 of 6
Views: 7999
Shortcut
Quote Reply
Re: [genoshin] safe_mode and uploading In reply to
Eugh, I never worked a way around that. I ended up just turning safe mode off, and leaving it at that...

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Sep 21, 2002, 8:28 AM
Dan Kaplan
Enthusiast (944 posts)
Sep 21, 2002, 8:28 AM
Post #3 of 6
Views: 7979
Shortcut
Quote Reply
Re: [Andy] safe_mode and uploading In reply to
Uploading can be done in PHP with Safe Mode turned on and in a shared hosting environment. Not being a server expert, I don't know the specifics of how that is accomplished, but that is what my host (www.FutureQuest.net) has done, and the sysAdmin is one of the most security conscious people I know of.

Dan
Sep 21, 2002, 12:28 PM
Alex
Administrator (9387 posts)
Sep 21, 2002, 12:28 PM
Post #4 of 6
Views: 8017
Shortcut
Quote Reply
Re: [genoshin] safe_mode and uploading In reply to
Hi,

I don't see a way around it. If you are using php as an apache module (i.e. built into apache as most installs are), then you are running as user nobody, and all actions you do will be done as user nobody. Since apache does not run as root (for good reasons), it can't switch userid.

The only way around it is to use mod_cgi and have a setuid root cgi wrapper like suExec or cgiwrap switch your userid to the proper user and then run an external program like perl or the php binary (losing all the performance benefits of having php embeded inside apache).

I always thought safe mode was pretty silly and makes PHP not very usable. The best way to do it would be to use suexec and run php as a cgi. Of course this isn't acceptable as the performance hit would be terrible (like going from mod_perl back to regular cgi).

Apache 2 is coming out with a good feature:

http://httpd.apache.org/....0/mod/perchild.html

However it's still labeled as experimental, and probably wouldn't scale well for systems that have hundreds of domains on a single machine (good for 20-30 domains though).

Hope this helps,

Alex
--
Gossamer Threads Inc.
Sep 21, 2002, 5:58 PM
genoshin
New User (2 posts)
Sep 21, 2002, 5:58 PM
Post #5 of 6
Views: 7968
Shortcut
Quote Reply
Re: [Andy] safe_mode and uploading In reply to
I just wanted to reply,

THANKS!

Andy, Dan, and Alex. I appreciate your replies
and hope Dans host might be of some help to
us.

Again Thank you guys and have a safe weekend.
Sep 21, 2002, 6:57 PM
Dan Kaplan
Enthusiast (944 posts)
Sep 21, 2002, 6:57 PM
Post #6 of 6
Views: 7975
Shortcut
Quote Reply
Re: [Alex] safe_mode and uploading In reply to
I know FutureQuest runs PHP as both an Apache module and as a CGI process, providing both performance and flexibility to meet the requirements of the job at hand, but I don't know which one file uploading falls under...

Dan