[Typo3] changing user in phpShell

Thu Apr 7 21:39:10 CEST 2005

On Apr 6, 2005 8:11 PM, Christoph Koehler <christoph.koehler at gmail.com> wrote:
> So, I set everything writeable to all with my account, install typo3 as
> nobody and then turn everything back to non-writable with my account. Can
> I modify any files that I install with nobody with my normal account then
> or will I run into problems later?
> 
> Thanks for everyone's answers so far!!
> 
> Christoph

I don't know why you installed PHPshell in the first place. I'm
guessing it's so you could have something similar to SSH access to
begin with (ie you don't have it), in which case I don't think you can
do what I've outlined. You might be able to upload from a linux
machine using FTP and preserve the file permissions though... I don't
know I haven't tried.

Before continuing on to explain my explanation for what *I* used
PHPterminal for, I want to mention a few pointers:
1) If you don't have SSH access I don't think this method will do any
good because you need to be able to chmod a folder so that nobody (or
equivalent webserver user) can write to it.
2) Using the method I outlined, it took me a good hour or so to go
back and forth modifying all the permissions her moving that there...
It takes a long while and you have to be very careful about all you
do. If you forget to disable write access to some folders after
installing some stuff anyone on your shared server could potentially
wreak havok with your files.
3) If you don't understand *n*x file permissions, I'd suggest finding
some tutorial on the internet and play around with a folder you don't
care about BEFORE you do something with your home folder or other
important folders.
4) There isn't a fancy gui like the windows explorer, it's all command
line... If that scares you, you might not want to do this. If 'mv',
'rm', and 'cp' don't look familiar. Familiarize yourself with them.

That being said, yes, I enabled write access to 'others' for my home
folder. I then used nobody in PHPterminal and downloaded the Typo3
tar.gz files with wget:
wget <url to file>
and untared it using:
tar xzf <filename>
It's not a good idea to use the v command switch here though, because
it generally kills my SSH connection if I'm connected through SSH, or
else the PHP execution timeout occurs because it takes longer for it
to output the name of every file in untars rather than just untaring
it. so don't use: 'tar xzvf <filename>'.
After moving the folders where I needed them I disabled write access
to my home folder to make sure I wouldn't forget. A few times after
that when I had to write again, I reenabled, did what was needed with
nobody and disabled again. You probably want to take note of what the
permissions are like on your home folder and make sure to put it back
before you're done.

After getting all the Typo3 stuff setup with nobody, I enabled write
access for others to those folders, I went and untared another copy of
Typo3 in my home folder using my  username/pass via SSH. I then moved
all of the files that Typo3 didn't need to write too and copied the
ones owned by my user in their place, so that Typo3 has only the bare
minimum of write access.

I'm not going to do a step by step of everything I did because, as I
said, it took me a good hour or more to go through and do this, and
documenting it would take even longer. This should give a good diving
board for you. So jump on in. Just watch security, as that is the
whole point of going to all this effort, to have a secure install
without having to submit a support request/ticket to your Shared Host
administrator.

Cheers,
Jacob