Files Owned by nobody and Disk Usage!

You can disable the option upload using php in php.ini

 

A fairly simple solution is to write a script that goes through home directories, chowning the nobody files to each user account, then they're included in the disk quota. Or, switch to using phpsuexec/suexec.

 

Indeed. One of several reasons I always have phpsuexec enabled on all of my own servers. Ultimately, it's an issue between php and apache and the poor way that php has been developed for the real world and there's little cPanel can do about it.

 

Of course, one of the reasons it's switched on in my servers is because you administer them

(I hate to give away one of my secrets )

 

Since cPanel are using standard unix file ownerships, they can't for the reasons I mentioned.

 

Since PHP created the files as user nobody, wouldn't PHP also be able to chown them to another user?

If so, does someone have a utility script that can be run to facilitate the changing of ownership of these files?

I know this is an old thread, but I didn't want to start a new one for the same problem.

Thanks,
Chuck

 

PHP created the files as nobody because that is the user that was running the Apache process that wrote the files. It doesn't have signficant privileges to change the ownership.

As chirpy stated this is just an issue between PHP and Apache. I'm not sure which side is to blame or really if any side is to really blame. This is just the way it works. Apache runs as nobody, PHP scripts run as nobody, files written by PHP as owned by nobody.

From a security point of view, if you are going to have PHP scripts that upload and/or create files, then PHP needs to be run as CGI or in some way, run the PHP script as the account owner. Having files owned by nobody and having open directories that are required for PHP scripts to write files as nobody can be a security risk.

Running PHP as CGI (FastCGI, phpsuexec, suPHP, etc) may result in a slight performance loss, but its either that or having insecurities on the server. Take your choice.