The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DSO configuration

Discussion in 'Security' started by Dualnames, Jan 20, 2014.

  1. Dualnames

    Dualnames Registered

    Joined:
    Aug 20, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Hello,

    This isn't actually an issue but more of some clarificiation on how DSO creates files from PHP scripts. WordPress and other CMS's can have issues with their update functions whether it be WordPress itsself or the plugins. When the files are created, they are created as nobody:nobody. I guess my main question is why would this cause issues? Is it because nobody can't write to files or maybe Apache can't run the files if they are nobody:nobody? Also, one last thing. What are the correct ownership and permissions for files and folders with the DSO handler? To my understanding it should be user:nobody for the ownership and files should be 664 and folder 775. Any input is greatly appreciated :)
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Here is a document that answers your questions about the use of "nobody" ownership with DSO and what permissions are required:

    EasyApache: PHP Request Handling

    To note, if you plan to use DSO, you should consider using Mod_Ruid2. It's documented here:

    mod_ruid2 Module

    Thank you.
     
  3. Dualnames

    Dualnames Registered

    Joined:
    Aug 20, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Hello Michael,

    "Also, files created by PHP scripts will be created by nobody That means files and directories that will receive the output must be writable by the system user nobody."

    So does this mean for a file to be overwrite it would require permissions on that file to be 666 or 664?
     
Loading...

Share This Page