phpsuphp

suPHP causing error for directory ownership

[Fri Mar 11 14:48:20 2016] [error] [client 181.236.205.241] SoftException in Application.cpp:594: Directory /home/myuser/public_html is not owned by myuser

How can I fix this error without giving the directory the ownership myuser. It MUST be a different user.

Can i use some suphp.conf configuration?

EDIT it would be ok to change the ownership of the homefolder alltogether, but I am not sure if that would solve the suPHP problem

EDIT2 the reason i want to do all of this is because a big website gets hacked. As one of the measures, instead of fixing the whole huge application, is taking away writing rights to folders and files of the apache server. The server no longer should have the right to write rename or create files. For this, i have to take away the ownership of the files / folders obviously.

background to what I tried a bit: https://stackoverflow.com/questions/35947081/suphp-giving-false-feeling-of-security

Solution

  • Here's some code from Application.cpp (downloaded from http://www.suphp.org/Download.html)

        UserInfo directoryOwner = directory.getUser();
    if (directoryOwner != owner && !directoryOwner.isSuperUser()) {
        std::string error = "Directory " + directory.getPath()
            + " is not owned by " + owner.getUsername();
        logger.logWarning(error);
        throw SoftException(error, __FILE__, __LINE__);
    }

    It looks like if you make the owner a superuser (root is probably easiest), the error might go away.

    At risk of stating the obvious, the command would be something like this

    $sudo chown root /home/myuser/public_html

    EDIT to add more code related to the question in the comments

    try {
    // Change working directory to script path
    API_Helper::getSystemAPI().setCwd(
        File(scriptFilename).getParentDirectory().getPath());
    if (mode == TARGETMODE_PHP) {
        std::string interpreterPath = interpreter.substr(4);
        CommandLine cline;
        cline.putArgument(interpreterPath);
        API_Helper::getSystemAPI().execute(interpreterPath, cline, env);
    } else if (mode == TARGETMODE_SELFEXECUTE) {
        CommandLine cline;
        cline.putArgument(scriptFilename);
        API_Helper::getSystemAPI().execute(scriptFilename, cline, env);
    }
} catch (SystemException& e) {
    throw SoftException("Could not execute script \"" + scriptFilename
                            + "\"", e, __FILE__, __LINE__);
}