# I still can't list or view the files and I'm completely out of ideas. I
# need for someone to give me a direction to go with this. Do I write a CGI
# script in TCL to view and list the files, or is there still a PHP solution I
# haven't found where the folder can remain the default 755 and can view them
# that way?
One possibility is to use a variation of suexec (set user and exec). The apache
webserver has a form of this, and I think php also does. I also wrote a version
myself: it's not that hard if you can create an setuid root program. It gets
the username and password out of the ozone, encrypts 0, checks it
against /etc/passwd or /etc/shadow, and then does a setuid and exec. The hard
part is trying to do so without letting hackers run amuck on your system.
Another possibility to upload to another drop box folder, and run a daemon that
periodically scans the drop box, and then move/chown/chmod it to where you want
it to really be. I think you should be able to put a 777 folder with a 755
folder, so perhaps you can have a drop box within each folder.
Derk Gwen [url]http://derkgwen.250free.com/html/index.html[/url]
We found a loophole; they can't keep us out anymore.