[Typo3-dev] Phpsuexec works with the zip package...

Martin-Pierre Frenette typo3 at frenette.qc.ca
Mon Jun 14 22:10:57 CEST 2004


I have been using Typo3 for over 3 years I think, and phpsuexec
for at least 2 years (I was one of the first webhosts to try it out,
and cablan.net is the #1 Google result for phpsuexec!).


Typo3 works well on Phpsuexec, provided:

1) you use the zip package.
2) you modify the source code a little. (I will post a message to that
effect in a new thread.)
3) you set the file creation rights properly.

You list a bunch of rules; while many of them prevent symlinks, they do
not prevent Typo3 (zip package) from working at all.

1. User executing the wrapper must be a valid user on this system.

Of course....

2. The command that the request wishes to execute must not contain a /.

Didn't hear that one.


3. The command being executed must reside under the user's web document
root.

Well, not a problem with the zip package.


4. The current working directory must be a directory.

Can it be otherwise?

5. The current working directory must not be writable by group or other.

Yes. That one is REALLY important. You CAN set all php files 0700 (even
config files) and all directories 0711 without any problems.

6. The command being executed cannot be a symbolic link.

Indeed... that is the biggest restriction.

7. The command being executed cannot be writable by group or other.

Exactly, but you CAN set all .php files 0700!!!

8. The command being executed cannot be a setuid or setgid program.

9. The target UID and GID must be a valid user and group on this system.

Of course...

10. The target UID and GID to execute as, must match the UID and GID of the
directory.

Yes, indeed, but that is not a problem on shared hosting.


11. The target execution UID and GID must not be the privileged ID 0.

If it is the userid of the user, that is not a problem.

12. Group access list is set to NOGROUP and the command is executed.
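
An added example, not part of the original message or of Typo3/phpsuexec: a small Python audit that walks a document root and reports the entries that rules 5, 6, 7, 8 and 10 quoted above would reject. The function names, the sample tree and the use of script-versus-directory ownership as a stand-in for rule 10 are assumptions made for illustration.

```python
import os
import stat
import tempfile

WRITABLE = stat.S_IWGRP | stat.S_IWOTH

def audit_docroot(root, ext=".php"):
    """Return sorted (relative path, problem) pairs that the quoted rules would reject."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):  # os.walk does not descend into symlinked dirs
        dst = os.lstat(dirpath)
        if dst.st_mode & WRITABLE:  # rule 5
            findings.append((os.path.relpath(dirpath, root), "directory writable by group/other"))
        for name in files:
            if not name.endswith(ext):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            st = os.lstat(path)  # lstat: inspect the link itself, not its target
            if stat.S_ISLNK(st.st_mode):  # rule 6
                findings.append((rel, "script is a symbolic link"))
                continue
            if st.st_mode & WRITABLE:  # rule 7
                findings.append((rel, "script writable by group/other"))
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):  # rule 8
                findings.append((rel, "script is setuid/setgid"))
            if (st.st_uid, st.st_gid) != (dst.st_uid, dst.st_gid):  # rule 10 (approximation)
                findings.append((rel, "owner/group differs from directory"))
    return sorted(findings)

def build_sample_tree():
    """Constructed sample docroot (not from the post): one good script, three violations."""
    root = tempfile.mkdtemp(prefix="docroot-")
    os.chmod(root, 0o711)
    for name, mode in (("index.php", 0o700), ("bad.php", 0o666)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("<?php ?>\n")
        os.chmod(path, mode)
    os.symlink("index.php", os.path.join(root, "link.php"))
    uploads = os.path.join(root, "uploads")
    os.mkdir(uploads)
    os.chmod(uploads, 0o777)
    return root

if __name__ == "__main__":
    for rel, problem in audit_docroot(build_sample_tree()):
        print(f"{rel}: {problem}")
```

Scripts set to 0700 in directories set to 0711, as the message recommends, produce no findings.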






