fingermark@gmail.com wrote:
[color=blue]
> ok, here's the update:
>
> i'm trying to write an upload script on a web server that will not
> allow me to change the ownership or group name of a directory. i can
> physically create /public_html/uploads to be 777 so that i can upload
> files and edit images uploaded on that directory. the problem is, how
> can i prevent someone from writing their own script off of my server (a
> remote script) and adding/deleting files in /public_html/uploads since
> it is 777?[/color]
Hi,
[where I say 'apache' here I mean the user that runs as apache the PHP code,
which is also named often 'www-data' or 'nobody']
A few things you should/can consider:
If you store the images in xxx/public_html/uploads probably anybody can just
type
http://www.yoursite.com/uploads/... and get them, unless you take some
precautions like making the files unreadable for user apache, in which case
you'll have a hard time using them in your website. So that is a bad
solution, agree?
A solution I used once is the following:
You need a solution where apache can write the files (from fileupload) and
read them too (to use in your website).
So why not let apache create the directory and change the filepermissions on
it to: uploads drwx------ apache apache
Now apache can read, write, delete in that directrory.
Note: How to do this?
1) You'll have to temporary change permissions in the parentdirectory to
allow apache to create the directory in public_html.
chmod 777 public_html
2) Make a simple sript that creates the uploadsdirectory and chmod it to the
above (chmod 700 uploads).
3) Set the permissions on public_html back to whatever you like, or had
before.
Now you are reasonably safe, except for 1 thing: Other users on your machine
can ALSO run php scripts as apache (on most setups).
So they could modify this uploads directory via their own PHP scripts.
If you do not trust them (on shared hosting or because you know they are
@ssh0les) you could use the following trick to make their life more
misserable:
Instead of the uploadsdirectory, you make a subdirectory in uploads, which
you give a horrible name, like this:
/home/yourhomedir/public_html/uploads/Hytr647ygghfFpioiaoiu17897/
In that directory you store the images, and you make sure the
uploadsdirectory doesn't have listpermissions for apache.
so uploads will get:
uploads drw------- apache apache
and the funky named directory will get:
Hytr647ygghfFpioiaoiu17897 drwx------ apache apache
Now you have to do 1 last thing, because you do not want your html to
contain the name of the funky named directory. That would be too easy for
them.
So instead of pointing the path to your uploaded images directly to
upload/Hytr647ygghfFpioiaoiu17897/mrx.jpg
like in <img src="upload/Hytr647ygghfFpioiaoiu17897/mrx.jpg">
you need something like:
<img src="getimage.php?image=mrx.jpg">
And write a simple php script that knows the path to the image and returns
it. (That is very basic and you can find it on php.net)
Hope this helps.
Good luck.
Regards,
Erwin Moller
