The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

change owner to apache:apache

Discussion in 'EasyApache' started by ctbhost, May 11, 2009.

  1. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    i have had a reqest by one of my clients to change one directory on his account to the owner apache:apache instead of username:username

    what are the implecations of doing this - security wise ??:confused:
     
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    Yes, it can be a security issue. Apache runs under apache user. Do you have Safe mode On for PHP? if yes then I do not think the user will require Apache Apache ownership.
     
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Is there any particular reason they want their directory to be owned by apache:apache? It seems abnormal since Apache runs as user nobody in a cPanel/WHM environment.
     
  4. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    i have safe mode off
     
  5. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    i have asked him the question Why he needs this and am waiting for the reply
     
  6. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    My guess is that they want to be able to access files uploaded via FTP from PHP scripts where you do not have suPHP enabled. If you don't have suPHP enabled, then the script they're using may need the file ownerships changed to nobody:nobody or chmod 777 to allow the script access. The security issue here is really PHP, and running it with suPHP removes the need for this practice.
     
  8. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    hi chirpy, i do have suPHP setup

    as i understand it he is setting up an upload script but wants only authorised users to access the uploaded files
     
  9. PlatinumServerM

    PlatinumServerM Well-Known Member
    PartnerNOC

    Joined:
    Jul 10, 2005
    Messages:
    397
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    New Jersey, USA
    cPanel Access Level:
    Root Administrator
  10. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I agree, there's no need to change ownerships. So long as the directory and uploaded files have the correct restrictive file permissions on them then they're not going to be accessible to other server users.
     
  11. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    thankyou for all yuor advice.

    my user is happy that suPHP will do the job
     
Loading...

Share This Page