I'm installing a php program and it asks me to chmod directories to 777, well when i do that i get this in my error log of cpanel

timestamp error: directory is writable by others filename

and then the file im trying to reach i get this

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, www and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


If i change the dirctory to 755 the file will work again, but then the program won't function like its suppose to.

Is there a command I can run to correct this issue? or something in whm i need to adjust?

Thanks

Change it to mod 755 or lower. Your host is running PHPSuexec most likely.

yes i am....the only issue with chmod to 755 is that the script i have installed won't perform like is meant too....

It will perform the way it's meant to be. Those writing the docs are assuming running PHP as an Apache mod which will then inherit Apache permissions. Therefore the only way for it to write is to have it world writable (mod 777) . But in PHPSuexec, that is no longer true. PHP runs as the user. So as long as the file is own by the user, even mod 700 is possible if you want to do to that extreme.

You should probably read up on PHPsuexec before actually using it as it behaves significantly differently from PHP as an apache mod.

What Sprintserve said:
777 is understood as thus

world read
world write
world execute

Now, do you reeeeaaaally want individuals writing to this file? Chances are no you don't. This is a very strong vulnerability, because (especially with php) all you have to do is overwrite the file, and you've got instant hack.. OOOPS

This is one of the reasons I don't recommend phpsuexec tho, it conflicts with too many scripts out there, and causes numerous problems. Not that this wouldn't have been a good problem to cause, but there are those that it affects very adversely

Just my 0.02, and perhaps a bit further explaination

Thanks for the help :-D, after reading...i'm not sure why i enabled it in the first place :-/ is there a way to uncompile JUST that feature? I don't want to re-compile apache if i don't have too....

Thanks for the help

anybody have the command to do that? or do i need to recompile it all?

10:1 you'll need to recompile everything just to get it out of the system . That's the only way I've done it (not that I've researched too many other ways mind you). It's not really a "module" per se in php, it's something built in, which is compiled into the core binary, as I understand it.

If you are using cpanel, its easy to remove phpsuexe. Just re run /scripts/easyapache

But i would prefer to use phpsuexe as its more secure. My Cpanel box use phpsuexe, i have one with no control panel, not sure how to get php running in phpsuexe, now i am using safe mode on, with phpsuexe its easy to track users who take too much cpu time.

re run /scripts/easyapache

IE: as was said before, recompile


But i would prefer to use phpsuexe as its more secure.

There are plenty of other ways to be "secure". Relying on something that will most definitely break scripts for "security" is not security, nor is it offering your users any sense of it. It's unstable, and depending upon the script you're using will break it.

I would prefer all servers to be disconnected from the internet as that's MUCH more secure, but you know what, it comes down to usability and choice. You can't use a server as a webserver (except via intranet) if it's not connected to the internet, and the same goes with phpsuexec. IF it breaks products or scripts, that means it's not ready for usage. If it wreaks havoc with users, it's not "security", it's a bug.

Phpsuexe won't allow to run a php script with 777 permission as its not secure. Other scripts can over write your scripts, its better to rewrite the code in a way that data is stored in data file and not in the PHP script itself, so you don't need to overwrite PHP script.

Thanks guys...i recompiled and all went smooth :-D

thanks for the help

From experience, had probably a couple of scripts that the users wanted that really broke. Other than that, it works pretty well for the rest of the users. Our experience at least.