I've moved an existing site (which I didn't write) from a apache/php/mysql
host under windows to a linux apache/php/mysql host.
I've sorted out most problems except one.
There is an upload function on the site, which uploads files via POST to
temp folder and then moves it into a folder on the host using php function
move_uploaded_f ile. Under windows this works fine but on the linux host the
uploaded file is created with 600 permissions so it cannot be accessed later
by site visitors. The folder it is uploaded into has 755 permissions. Is
there a way of setting the default file permissions so each uploaded file
can be set to say 644 or do I need to chmod each file after upload ?
Thanks
4  10541 
... There is an upload function on the site, which uploads files via POST to
temp folder and then moves it into a folder on the host using php function
move_uploaded_f ile. Under windows this works fine but on the linux host the
uploaded file is created with 600 permissions so it cannot be accessed later
by site visitors.
Do you serve your temp folder then?
The folder it is uploaded into has 755 permissions. Is
there a way of setting the default file permissions so each uploaded file
can be set to say 644 or do I need to chmod each file after upload ?
Let me see where things go wrong. As far as I know, there is one Linux
user (let's call this account "webserver" , although it has probably
another name) who does the upload to the temp folder and does all file
operations in PHP. So, theoretically, you could deny all "group" and
"other" rights on uploaded files.
Do the uploaded files show up in the temp folder? (Note that this is
hard to see, as PHP removes them if they are not processed) In general,
does the "webserver" user have enough rights on the temp folder?
Best regards,
--
Willem Bogaerts
Application smith
Kratz B.V. http://www.kratz.nl/
"Willem Bogaerts" <w.********@kra tz.maardanzonde rditstuk.nlwrot e in
message news:46******** *************@n ews.xs4all.nl.. .
>... There is an upload function on the site, which uploads files via POST
to
temp folder and then moves it into a folder on the host using php
function
move_uploaded_ file. Under windows this works fine but on the linux host
the
uploaded file is created with 600 permissions so it cannot be accessed
later
by site visitors.
Do you serve your temp folder then?
Not sure what this means ?
>The folder it is uploaded into has 755 permissions. Is
there a way of setting the default file permissions so each uploaded file
can be set to say 644 or do I need to chmod each file after upload ?
Let me see where things go wrong. As far as I know, there is one Linux
user (let's call this account "webserver" , although it has probably
another name) who does the upload to the temp folder and does all file
operations in PHP. So, theoretically, you could deny all "group" and
"other" rights on uploaded files.
Do the uploaded files show up in the temp folder? (Note that this is
hard to see, as PHP removes them if they are not processed) In general,
does the "webserver" user have enough rights on the temp folder?
I can't see as it disappears once the upload is complete.
However the file is uploaded ok except it ends up in the destination folder
with a 0600 permission. So for this to happen the php upload process user
must have write permission to whatever tmp folder is used and the
destination folder. I can chmod the file after is is moved into the
destination folder via move_uploaded_f ile(), but I'm trying to understand
why the uploaded file permission ends up at 0600 ?
Regards
Tony
Tony B wrote:
"Willem Bogaerts" <w.********@kra tz.maardanzonde rditstuk.nlwrot e in
message news:46******** *************@n ews.xs4all.nl.. .
>>... There is an upload function on the site, which uploads files via POST
to
temp folder and then moves it into a folder on the host using php
function
move_uploaded _file. Under windows this works fine but on the linux host
the
uploaded file is created with 600 permissions so it cannot be accessed
later
by site visitors.
Do you serve your temp folder then?
Not sure what this means ?
>>The folder it is uploaded into has 755 permissions. Is
there a way of setting the default file permissions so each uploaded file
can be set to say 644 or do I need to chmod each file after upload ?
Let me see where things go wrong. As far as I know, there is one Linux
user (let's call this account "webserver" , although it has probably
another name) who does the upload to the temp folder and does all file
operations in PHP. So, theoretically, you could deny all "group" and
"other" rights on uploaded files.
Do the uploaded files show up in the temp folder? (Note that this is
hard to see, as PHP removes them if they are not processed) In general,
does the "webserver" user have enough rights on the temp folder?
I can't see as it disappears once the upload is complete.
However the file is uploaded ok except it ends up in the destination folder
with a 0600 permission. So for this to happen the php upload process user
must have write permission to whatever tmp folder is used and the
destination folder. I can chmod the file after is is moved into the
destination folder via move_uploaded_f ile(), but I'm trying to understand
why the uploaded file permission ends up at 0600 ?
Regards
Tony
Tony,
Try a linux admin group. The default file mask for your apache user is
probably set up as 600.
--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp. js*******@attgl obal.net
=============== ===
... I can chmod the file after is is moved into the
destination folder via move_uploaded_f ile(), but I'm trying to understand
why the uploaded file permission ends up at 0600 ?
Ok, I thought that you could not upload at all due to rights problems.
But I still cannot see the problem. The "upload generator" and the "web
server" are still the same user as far as I know, so this user should be
able to read (and serve) the 0600 files just fine.
As Jerry Pointed out, you can set the default umask in apache. Note that
this is a negative mask, so you have to set the bits that you want
cleared in the file permissions.
Best regards,
--
Willem Bogaerts
Application smith
Kratz B.V. http://www.kratz.nl/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: lawrence |
last post by:
I've been using the following function (yes, it is inelegant, what can
I say, I wrote it a long time ago) to upload images. Haven't had a
problem with it for at least a year, and I don't recall changing it
anytime recently. Nevertheless, the script is suddenly dying on this
line:
if (copy($uploadedFile, $pathToImageFolder)){
This is...
|
by: pdav |
last post by:
Hi!
Is there any solution to create a directory with one script
with mkdir(), and then write a file (or move an uploaded file) in this
directory with another script?
The problem is, that the directory belongs to the PHP-interpreter (UID
33 in my case) and the script doing the file creation and the one
creating the directory belong to the...
|
by: Pat Carden |
last post by:
Hi,
We need to allow webusers to upload a file on our website (on Server3, all
servers run Server 2003, remotely hosted) and eventually save it on our SBS
Server (Server2) which is not exposed through our firewall. We have another
server (Server1) within the SBS domain that is exposed through port 80 of
the firewall on which we host some...
|
by: Tom Wells |
last post by:
I have a little file upload page that I have been able to use to successfully upload files to the C: drive of LocalHost (my machine). I need to be able to upload to a network drive from the intranet server. On the line: dirs = Directory.GetDirectories(currentDir) I get "Access to the path "\\les-net\les\Special Projects\ATSPDF" is denied." ...
|
by: Wayne Smith |
last post by:
I've come up against a major headache that I can't seem to find a solution
for but I'm sure there must be a workaround and I would really be grateful
of any help.
I'm currently building a web site for a small club I belong to and one of
the features I would like to include is the ability to allow users to upload
image files.
...
| | |
by: G |
last post by:
Hello Friends
How are you?
I came with a problem near you.
I want to upload a image to my ftp, iam getting this below error. i have a
code which is working in my local system, i have an idea that we need to
provide permissions to upload(like username password) but where we have to
provide those details can you please tell me.
Microsoft...
|
by: Event Horizon |
last post by:
Hi,
I'm trying to add an simple upload applet to shopping cart script. My new
applet form sends all needed post fields ( quantity, product, etc... )
but the "file" post field is hardcoded in applet.
Shop script works with :
<input type="file" name="id"/>
but not with applet's:
<input type="file" name="SourceFile_1"/>
I just cannot figure...
|
by: Tim Payne |
last post by:
I have an odd permissions issue with uploading files to a windows 2003
server.
I have a reasonably unusual setup. We have a php website, running through
IIS that was written to use mod_rewrite. Obviously, this doesn't exist in
IIS, so as a workaround, I have the .net isapi dll as a wildcard handler for
the site, with the rewriting done by...
|
by: eclipsme |
last post by:
I thought I had this licked, but apparently not.
I have a file upload script that attempts to upload a file to a
directory in the public_html directory - www.domain.com/upload
The permissions for the directory have to be 777 for this to work or
esle it aborts with a permissions error - obviously a problem. The php
script runs as user...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
