php creates files with owner 'nobody'

guysmiley

Member
Sep 6, 2008
19
0
51
Greetings,

Using Joomla, when I create a folder, it has owner=nobody. I presume since php is being invoked to make this folder, it is php assigning 'nobody' as the owner.

Why would php be doing this?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Greetings,

Using Joomla, when I create a folder, it has owner=nobody. I presume since php is being invoked to make this folder, it is php assigning 'nobody' as the owner.

Why would php be doing this?
This is the default behavior of PHP.

If you prefer that scripts run as the user and files created by these scripts be owned by the user, I recommend running SuPHP (or if you're running PHP as CGI, SuExec).
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Anyone?
Also, would you run SuPHP if you're running PHP as CGI or Apache mod, with/without SuExec? :confused:

Many thanks,

- Vince
I am unsure about loads, but SuPHP is used when PHP is not running as CGI/FastCGI. When PHP is running as CGI/FastCGI, SuExec is used instead as that targets CGI apps.

You wont have an instance where a single PHP installation is running under SuExec and SuPHP simultaneously.
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
Thanks David,
So I cannot run SuPHP on this server then, because it has concurrent PHP4/5 with PHP4 running as Apache MOD?
I believe you misunderstood my statement. If you run PHP as an Apache module, you can use SuPHP. If you run PHP as any form of CGI, you cannot use SuPHP, and must use SuExec instead as SuExec handles this functionality for CGI applications.

Lastly, any 'gotchas' to look out for if I change to SuPHP?
'm worried about existing client sites that need 777 permissions on some directories.

Thanks again,

- Vince
SuPHP does not permit excessive permissions such as 777 as they are not required in a SuPHP environment. Scripts with 777 permissions or including files with 777 permissions will generate a HTTP 500 error once SuPHP is running.

Note, any applications that rely on 777 permissions typically mean that whatever user PHP is running as must be able to read, write and execute the file. In a mod_PHP environment, xx7 permissions are required as PHP is running as user nobody. However, when SuPHP is running, you can use 755 permissions or lower without issue since PHP is now running as that individual user.

Most modern PHP scripts will easily accommodate SuPHP setups. Generally it's only scripts that are unaware of common contemporary PHP security practices that blindly insist on and inappropriately enforce 777 permissions.