I hope that explanation was clear enough for everyone to understand, thanks to Louis. You can read the whole thread here: http://forum.joomla.org/index.php/topic,30796.0.htmlOk, lets clarify a few things. Smiley
First off... It does not matter whether your user or httpd (or nobody, apache, whatever else apache user is) owns the Joomla core files. File ownership is determined upon file creation. It is determined by the user that owns the operating system process that creates the file in the filesystem.
Scenario: You are logged in as a user and you create a new file... something.txt with your favorite text editor (vi for example).
Since you execute the vi program while logged in as you (we will assume the username will be USER going forward). So, USER owns the vi process that created the file something.txt on the filesystem. This means that the file something.txt will be owned by USER.
Scenario: You upload a file ... somethingElse.txt using FTP.
Since you are logged into FTP using your user/pass combo... the FTP process that you are operating on has switched user to be owned by USER. Therefore, when the file somethingElse.txt is uploaded (created) to the filesystem... it will be owned by the owner of the process that created it, USER.
Scenario: You upload a file to a php script which saves it as yetSomethingElse.txt (not using suexec with php).
Ok, Apache, for security reasons, runs its processes owned by a "special" user... often named nobody, or apache, or httpd, or any other cute name that a sysadmin names it in the conf file. So in this case we will say the apache user is named httpd. So, you upload your file to the php script. Php is running in an apache module, which is running in the apache process...... guess who owns it? ... thats right... user httpd. Smiley Because of this... when php says... move_uploaded_file() and saves the file yetSomethingElse.txt ... it will be owned by none other than the user httpd. Is this a bug in php? no. Is it a bug in apache? no. Is it a bug in the php script? no. It is just how the filesystem ownership works.
suexec is a system by which apache Switches User and EXECutes the process based upon the user that owns the document root for the particular virtual host being requested. (catch the SUEXEC in that?) This is a solution that some hosts offer, and allows for all files created/modified/etc... by the apache processes to be owned by the proper user.
You may be asking yourself why apache behaves this way.... I would you suggest all those questions be directed to http://www.apache.org Wink
In summary, this is not a bug in the system, it is exactly how the system is designed to work... does that make your life any easier? no. But it is the explanation. There are several potential workarounds... one of them being the FTP client layer that I have written for 1.1 iI suppose.
Locked to keep coherency of message