473,581 Members | 2,506 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

file creation: ownership

I have read many posts on this subject and found no satisfying answer.

I am creating a file on the server via a PHP script. The file is
created using GD (imagejpeg()), though I don't think it is specific to
GD.

Here is what I understand so far:
1) a PHP script runs in the webserver user space. In my case, this is
'apache', though I think 'nobody' is quite frequent also.
2) creating a file from the script makes the "current" user its owner;
in this
case, it is also 'apache'
3) for a reason I don't get, this file will get a permission rx-------
4) using ftp solves the problem

Now, this is a problem to me. I need to create a file which will have
the same owner as if I uploaded it by ftp. IIUC, I cannot use GD with
ftp. More generally, I would prefer to avoir ftp.

The server is running in safe mode, it may cause additional problems I
am not aware of.

chmod and chown are disabled.

Therefore, I need a way to create a file (specifically with GD) which
*I* will own, as if I uploaded it by ftp.

This is getting quite urgent so a quick answer would be appreciated,
though I understand my time is not more valuable than yours.

Thank you,
Jonathan

Aug 21 '05 #1
6 1714
jo************* **@gmail.com wrote:
I have read many posts on this subject and found no satisfying answer.
<snip> Now, this is a problem to me. I need to create a file which will have
the same owner as if I uploaded it by ftp. IIUC, I cannot use GD with
ftp. More generally, I would prefer to avoir ftp.
<snip>
chmod and chown are disabled.


So I guess you don't control the server. The security model has been
specifically configured to prevent you doing such a thing. (actually the
objective is probably to prevent other people, particularly those whom
should not have access, but it amounts to the same thing).

Assuming that both the chmod program AND the chmod php function are disabled
(you didn't say which) then there's not a lot you can do (except maybe you
could ask root to put you in the same group as the apache user and create a
dir with drwsrwx--- permissions, or setup a sudo job for the apache user,
but if you're accesing the system via FTP, it rather implies that this is a
hosted box rather than a high-security installation).

Maybe the best option is to look at why you think you need to create a file
owned by the ftp account which you didn't really explain in your post.

C.
Aug 21 '05 #2
In article <11************ **********@z14g 2000cwz.googleg roups.com>,
jo************* **@gmail.com wrote:
I have read many posts on this subject and found no satisfying answer.

I am creating a file on the server via a PHP script. The file is
created using GD (imagejpeg()), though I don't think it is specific to
GD.

Here is what I understand so far:
1) a PHP script runs in the webserver user space. In my case, this is
'apache', though I think 'nobody' is quite frequent also.
2) creating a file from the script makes the "current" user its owner;
in this
case, it is also 'apache'
3) for a reason I don't get, this file will get a permission rx-------
4) using ftp solves the problem

Now, this is a problem to me. I need to create a file which will have
the same owner as if I uploaded it by ftp. IIUC, I cannot use GD with
ftp. More generally, I would prefer to avoir ftp.

The server is running in safe mode, it may cause additional problems I
am not aware of.

chmod and chown are disabled.

Therefore, I need a way to create a file (specifically with GD) which
*I* will own, as if I uploaded it by ftp.

This is getting quite urgent so a quick answer would be appreciated,
though I understand my time is not more valuable than yours.

Thank you,
Jonathan


I run a web site on my ISP's shared host under Apache with mod_php and
mod_perl. As you've found, any files created by php in this way are
owned by the Apache user, "apache" in your case. There's currently now
way to avoid this under this security model nor would I imagine my ISP's
admins allowing it.

But they saw the need for web developers to create files owned by the
user, so they installed cgiwrap (http://cgiwrap.sourceforge.net/) to
allow cgi programs to run in the context of the user. They don't offer
php as a cgi language, so I wrote want I needed in perl. Works just
fine.

If you don't have these options or your web server can't be configured
this way, you'll have to "roll your own" server and manage it yourself.
More expensive, but you then become a Unix admin as well as a web
developer. There are Linux web-server ISPs that offer this service.
I'm sure someone will chime in with some suggestions.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Aug 21 '05 #3
Colin McKinnon wrote:
jo************* **@gmail.com wrote:
I have read many posts on this subject and found no satisfying answer.
<snip>
Now, this is a problem to me. I need to create a file which will have
the same owner as if I uploaded it by ftp. IIUC, I cannot use GD with
ftp. More generally, I would prefer to avoir ftp.

<snip>

chmod and chown are disabled.


So I guess you don't control the server.


I don't. It's a private hosting company.
The security model has been
specifically configured to prevent you doing such a thing. (actually the
objective is probably to prevent other people, particularly those whom
should not have access, but it amounts to the same thing).
I may be able to make suggestions to the company (looks like a small
one, but I may be mistaken). IIUC, that's how PHP works. The only way
(and I see this as a hack) is to chown the file after uploading. So the
suggestion I could make would be to enable chown in PHP. Would that be
a major thing to do for the company?
Assuming that both the chmod program AND the chmod php function are disabled
(you didn't say which)
I didn't know they were separated. I checked and both are.
then there's not a lot you can do (except maybe you
could ask root to put you in the same group as the apache user
and create a dir with drwsrwx--- permissions,
Probably impossible.

<snip>
Maybe the best option is to look at why you think you need to create a file
owned by the ftp account which you didn't really explain in your post.


I am hosting a blog on which I can upload pictures. Uploading is done
in two parts: first an applet uploads the picture by ftp and then a php
script creates thumbnails with GD. The java applet is fine (uses ftp,
of course) but the php script (gd) creates file having the owner
'apache'. There is the problem.

An obvious solution would be to have the java applet making the
thumbnail, but I would like to keep the current setup (a pain to
modify).

Any hints?
Jonathan

Aug 22 '05 #4
Jonathan Mcdougall wrote:
Maybe the best option is to look at why you think you need to create a
file owned by the ftp account which you didn't really explain in your
post.
I am hosting a blog on which I can upload pictures. Uploading is done
in two parts: first an applet uploads the picture by ftp and then a php
script creates thumbnails with GD. The java applet is fine (uses ftp,
of course) but the php script (gd) creates file having the owner
'apache'. There is the problem.


Nope, I don't get why this is a problem - unless PHP can't access the images
becuase the FTPd is also set to save files 0600 (is chmod in ftp disabled
too?).
An obvious solution would be to have the java applet making the
thumbnail, but I would like to keep the current setup (a pain to
modify).


Sounds like the problem is the permissions with the ftpd which you're trying
to fix from PHP.

quick suggestions:

1) upload the file using HTTP (ftp is just BAD anyway)
2) upload the file to a temporary area using ftp then have you PHP file scan
the area for new files and copy them (with the permissions of the
webserver) to the 'live' area.

C.
Aug 22 '05 #5

Colin McKinnon wrote:
Jonathan Mcdougall wrote:
Maybe the best option is to look at why you think you need to create a
file owned by the ftp account which you didn't really explain in your
post.
I am hosting a blog on which I can upload pictures. Uploading is done
in two parts: first an applet uploads the picture by ftp and then a php
script creates thumbnails with GD. The java applet is fine (uses ftp,
of course) but the php script (gd) creates file having the owner
'apache'. There is the problem.


Nope, I don't get why this is a problem - unless PHP can't access the images
becuase the FTPd is also set to save files 0600 (is chmod in ftp disabled
too?).


For each image sent by the user, I keep two on the server. The first is
sent by the java applet (using FTP) and is the original version. It it
saved in a folder and I have no problem with this file (I am the owner,
at least 0644).

The java applet then refreshes the page and a PHP script kicks in. It
finds the newly uploaded images and creates thumbnails with gd. These
files are saved in the same folder. These are the problematic files:
the owner is 'apache' and they are 0600.

Accessing the first (uploaded by applet/FTP) images is fine.

Accessing the thumbnails (created by PHP) does not work, as if the
image were non existent. Asking the hosting company to modify the
permissions of these files to 0644 makes the images load fine.
An obvious solution would be to have the java applet making the
thumbnail, but I would like to keep the current setup (a pain to
modify).


Sounds like the problem is the permissions with the ftpd which you're trying
to fix from PHP.


No. Two different files are created. The first one by FTP is fine and
the second one by PHP is wrong.

What's more, if I do something like

<?php

$i = createimage(1, 1);
createjpeg($i, "test");

?>

on a test page, the "test" file is owner by 'apache' and is 0600
(rw-------).
quick suggestions:

1) upload the file using HTTP (ftp is just BAD anyway)
I can't. Several (unlimited, but usually 15-20) jpeg pictures, usually
around 200k each. Impossible with the current server settings (max
upload particularily) and 20 text boxes with browse buttons are not
quite user-friendly.
2) upload the file to a temporary area using ftp then have you PHP file scan
the area for new files and copy them (with the permissions of the
webserver) to the 'live' area.


Hmm.. That seems good, but how would that solve the problem? And I need
to create a thumbnail. How could that 'temporary area' solve the
problem?
Jonathan

Aug 23 '05 #6
On 21 Aug 2005 12:55:00 -0700, jo************* **@gmail.com wrote:
I have read many posts on this subject and found no satisfying answer.

I am creating a file on the server via a PHP script. The file is
created using GD (imagejpeg()), though I don't think it is specific to
GD.

Here is what I understand so far:
1) a PHP script runs in the webserver user space. In my case, this is
'apache', though I think 'nobody' is quite frequent also.
2) creating a file from the script makes the "current" user its owner;
in this
case, it is also 'apache'
3) for a reason I don't get, this file will get a permission rx-------
4) using ftp solves the problem

Now, this is a problem to me. I need to create a file which will have
the same owner as if I uploaded it by ftp. IIUC, I cannot use GD with
ftp. More generally, I would prefer to avoir ftp.

The server is running in safe mode, it may cause additional problems I
am not aware of.

chmod and chown are disabled.

Therefore, I need a way to create a file (specifically with GD) which
*I* will own, as if I uploaded it by ftp.

This is getting quite urgent so a quick answer would be appreciated,
though I understand my time is not more valuable than yours.

Thank you,
Jonathan


Here's a far-out suggestion (that means it's untested), but what about
using PHP's built-in ftp functions such as ftp_chmod to set
permissions as needed.

Good luck!

heyster
Aug 31 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
3649
by: pdav | last post by:
Hi! Is there any solution to create a directory with one script with mkdir(), and then write a file (or move an uploaded file) in this directory with another script? The problem is, that the directory belongs to the PHP-interpreter (UID 33 in my case) and the script doing the file creation and the one creating the directory belong to the...
11
1869
by: Jacob | last post by:
I am trying to find the best way of documenting (in code and comments) ownership of secondary contained objects. This is my current status, and I would appreciate feedback on it: Case 1: When the secondary object is created with the object and dies with the object. Solution: Keep the secondary object as a stack variable, and
2
2219
by: Benden Ziyade | last post by:
Hello; I want to write a C program that check file ownership in /bin directory(ls, mkdir...). But I don't know how I start. I'm happy with your helping.
7
2573
by: Lalasa | last post by:
Hi, Can anybody tell me how many cpu cycles File.copy would take and how many cpu cycles File.Move would take? CFile::Rename in C++ takes just one cpu cycle. As there is no File.Rename in C#, I am worried about using File.copy or File.Move which would do the same job of renaming a file but I want it done in just one cpu cycle.
9
7207
by: Andrew | last post by:
Apologies for the double-post.. I'm new, just getting used to this.. and should have posted this way in the first place.. How does one go about taking ownership of a registry key using C# & .NET 2.0 *IF* one has _only_ TakeOwnership privilege? The problem is exactly as specified in MS KB Article ID: 111546 at:...
1
1730
by: ShaiH | last post by:
When I create a file from a simple command line application written in C# the file ownership given to the newly created file is of administrators group although I am running this application in my identity. I would expect that a created file will get the ownership of the running process identity. code: in the Mail I have a single line:...
5
1519
by: Paulo da Silva | last post by:
Hi! I need to process a file to produce another file that *must* have *exactly* the same attributes and permissions of the former. What is the best way to do this? The file must not exist with contents (it may exist empty) unless it has the same attributes and permissions. I know how to do this using, let me call it, "C type code" (stat,...
2
1823
by: joniboy123 | last post by:
Hi, I have a PHP script which creates new text files in the same directory as itself. The new files are also PHP scripts and are built with a line of code within them, which runs a function when they are browsed to by the user. E.g. the new file's contents are similar to <?php runFunction(83); ?> However, because the new file was...
13
2645
by: eclipsme | last post by:
I thought I had this licked, but apparently not. I have a file upload script that attempts to upload a file to a directory in the public_html directory - www.domain.com/upload The permissions for the directory have to be 777 for this to work or esle it aborts with a permissions error - obviously a problem. The php script runs as user...
0
7788
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8137
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
0
8163
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
5355
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3799
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3813
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2297
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
1
1397
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
1127
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.