Hello.
I'm writing some plugin in PHP for cPanel. Faced with the problem of publicly available php sources in x3 directory, as the script must have world-wide readable chmod.
So, every user can read the source with, e.g., shell script.
This makes no sense in developing scripts connected directly with system: I can't use any logins/passwords, as users can see them in a source, I can't edit files, owned by root, as script executes under logged user.
Thus, we have a very strict set of functions we can use...
I need to let single users to edit files, owned by root, but not writeable by others. I understand, I can queue the corrections in some 777 folder, and watch it with some daemon under root, but the solution isn't acceptable, as, again, any user can edit his own queue file, thereby he can bypass necessary checks...
Turns out a vicious circle...
Any ideas are appreciated..
I'm writing some plugin in PHP for cPanel. Faced with the problem of publicly available php sources in x3 directory, as the script must have world-wide readable chmod.
So, every user can read the source with, e.g., shell script.
This makes no sense in developing scripts connected directly with system: I can't use any logins/passwords, as users can see them in a source, I can't edit files, owned by root, as script executes under logged user.
Thus, we have a very strict set of functions we can use...
I need to let single users to edit files, owned by root, but not writeable by others. I understand, I can queue the corrections in some 777 folder, and watch it with some daemon under root, but the solution isn't acceptable, as, again, any user can edit his own queue file, thereby he can bypass necessary checks...
Turns out a vicious circle...
Any ideas are appreciated..
