/** * function for changing owner and group to correct and safe settings. * * we read which user the web server is running under by fetching * the whoami script from the server. the owner will be the user running the * script. Public upload dir /htdocs/files will then be set to 770 with correct * user and group * * @return int value from exec command */ function cos_chmod_files() { $group = conf::getServerUser(); if (!$group) { common::echoMessage('Servername is not set in config.ini', 'r'); common::echoMessage('Set it, and try again', 'y'); return 1; } // Try to get login username // As it is easier for the current user to examine // the files which belongs to the web user if (function_exists('posix_getlogin')) { $owner = posix_getlogin(); } else { $owner = exec('whoami'); } if (!$owner) { $owner = $group; } common::needRoot(); $files_path = conf::pathBase() . '/htdocs/files '; $files_path .= conf::pathBase() . '/logs '; $files_path .= conf::pathBase() . '/private '; $files_path .= conf::pathBase() . '/config/multi'; $command = "chown -R {$owner}:{$group} {$files_path}"; common::execCommand($command); $command = "chmod -R 770 {$files_path}"; common::execCommand($command); }
/** * Function for changing group settings on some files, which the server needs to * have read and write access to. * * Change these files, so anon users does not have any access to them. * * We read the user under which the web server is running. This is done by fetching * the `htdocs/whoami.php` script from the server. * * @return void */ function cos_chmod_files() { // Get group $group = conf::getServerUser(); if (!$group) { common::abort('Could not fetch server user. Check if server_name is set in config/config.ini, and check if this server is running'); } common::needRoot(); $files_path = cos_files_group(); $command = "chgrp -R {$group} {$files_path}"; common::execCommand($command); $command = "chmod -R 770 {$files_path}"; common::execCommand($command); }