fi********@gmail.com wrote:
ok, here's the update:
i'm trying to write an upload script on a web server that will not
allow me to change the ownership or group name of a directory. i can
physically create /public_html/uploads to be 777 so that i can upload
files and edit images uploaded on that directory. the problem is, how
can i prevent someone from writing their own script off of my server (a
remote script) and adding/deleting files in /public_html/uploads since
it is 777?
Hi,
[where I say 'apache' here I mean the user that runs as apache the PHP code,
which is also named often 'www-data' or 'nobody']
A few things you should/can consider:
If you store the images in xxx/public_html/uploads probably anybody can just
type
http://www.yoursite.com/uploads/... and get them, unless you take some
precautions like making the files unreadable for user apache, in which case
you'll have a hard time using them in your website. So that is a bad
solution, agree?
A solution I used once is the following:
You need a solution where apache can write the files (from fileupload) and
read them too (to use in your website).
So why not let apache create the directory and change the filepermissions on
it to: uploads drwx------ apache apache
Now apache can read, write, delete in that directory.
Note: How to do this?
1) You'll have to temporarily change permissions in the parent directory to
allow apache to create the directory in public_html.
chmod 777 public_html
2) Make a simple script that creates the uploads directory and chmod it to the
above (chmod 700 uploads).
3) Set the permissions on public_html back to whatever you like, or had
before.
Now you are reasonably safe, except for 1 thing: Other users on your machine
can ALSO run php scripts as apache (on most setups).
So they could modify this uploads directory via their own PHP scripts.
If you do not trust them (on shared hosting or because you know they are
@ssh0les) you could use the following trick to make their life more
miserable:
Instead of the uploads directory, you make a subdirectory in uploads, which
you give a horrible name, like this:
/home/yourhomedir/public_html/uploads/Hytr647ygghfFpioiaoiu17897/
In that directory you store the images, and you make sure the
uploads directory doesn't have list permissions for apache.
so uploads will get:
uploads drw------- apache apache
and the funky named directory will get:
Hytr647ygghfFpioiaoiu17897 drwx------ apache apache
Now you have to do 1 last thing, because you do not want your html to
contain the name of the funky named directory. That would be too easy for
them.
So instead of pointing the path to your uploaded images directly to
upload/Hytr647ygghfFpioiaoiu17897/mrx.jpg
like in <img src="upload/Hytr647ygghfFpioiaoiu17897/mrx.jpg">
you need something like:
<img src="getimage.php?image=mrx.jpg">
And write a simple php script that knows the path to the image and returns
it. (That is very basic and you can find it on php.net)
Hope this helps.
Good luck.
Regards,
Erwin Moller
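
The getimage.php script described in the reply above, as an added example that is not part of the original post or Erwin Moller's own code. It assumes the hidden directory path from the post, a fixed list of image extensions, and a hypothetical helper named resolve_image; because the `image` parameter comes from the request, the script accepts only a bare file name and checks that the resolved path is still inside the image directory before sending it.

```php
<?php
// getimage.php - added example, not code from the original post.
// Assumption: images are stored in the hidden directory named in the post.
const IMAGE_DIR = '/home/yourhomedir/public_html/uploads/Hytr647ygghfFpioiaoiu17897';

// Assumption: only these image types are ever uploaded.
const ALLOWED_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

// Hypothetical helper: map a requested name to a real file, or null.
function resolve_image(string $requested, string $baseDir): ?string
{
    // Bare file name only: no slashes, no leading dot, limited length.
    if (!preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9._-]{0,99}\z/', $requested)) {
        return null;
    }
    $ext = strtolower(pathinfo($requested, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_TYPES)) {
        return null;
    }
    // realpath() follows symlinks; the result must stay inside the base dir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $requested);
    if ($base === false || $path === false || !is_file($path)
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$image = $_GET['image'] ?? '';
$path  = is_string($image) ? resolve_image($image, IMAGE_DIR) : null;
if ($path === null) {
    // Same response for "bad name" and "no such file": reveals nothing.
    http_response_code(404);
    exit;
}
$ext = strtolower(pathinfo($image, PATHINFO_EXTENSION));
header('Content-Type: ' . ALLOWED_TYPES[$ext]);
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . filesize($path));
readfile($path);
```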