473,372 Members | 1,112 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,372 software developers and data experts.

folder permissions

Hi!

My trouble might be simple, but I'm quite new to php, and, perhaps I'm even
more simple.
It's that I had to chmod 777 two folders to get my scripts do what I wanted
them to do, and I don't like it.
I have a script running on my ISP's unix-apache -server. It is to read
string from a form, and create a text-file in a subfolder 'txt' from it.
The essential parts of the script is here:

$fnam=$HTTP_POST_VARS[filename];
$handle =fopen("txt/".$fnam, "w");
$teksti=$HTTP_POST_VARS[tekstikentta];
touch('txt/'.$fnam);
fwrite($handle,$teksti);
fclose($handle);

Can't be simpler.
This script didn't work until I did a chmod777 for both folders, the one
where this script is, and the 't' subfolder. Is there a way to get around
this?
Oll¡maX!

--
email : ollimantyranta"boing"sunpoint"boing"net
Jul 17 '05 #1
4 13074
OllimaX wrote:
Hi!

My trouble might be simple, but I'm quite new to php, and, perhaps I'm
even more simple.
It's that I had to chmod 777 two folders to get my scripts do what I
wanted them to do, and I don't like it.
I have a script running on my ISP's unix-apache -server. It is to read
string from a form, and create a text-file in a subfolder 'txt' from it.
The essential parts of the script is here:

$fnam=$HTTP_POST_VARS[filename];
$handle =fopen("txt/".$fnam, "w");
$teksti=$HTTP_POST_VARS[tekstikentta];
touch('txt/'.$fnam);
fwrite($handle,$teksti);
fclose($handle);

Can't be simpler.
This script didn't work until I did a chmod777 for both folders, the one
where this script is, and the 't' subfolder. Is there a way to get
around this?
Oll¡maX!


One thing of importance to note is that on UNIX the user/group of Apache
is inherited by the PHP interpreter. Hence, if your Apache process is
running as user "nobody" and group "nobody" and the folder you are
writing to has the user and group set to "OllimaX" respectively; then,
"chmod"ing the folder to 777 will allow the PHP interpreter to write to
that folder. One way to fix this issue is to change the owner of the
folder to "nobody" (you need root access for this operation) and chmod
the folder to 774 (or something lower if you desire).

--
Amir Khawaja.

----------------------------------
Rules are written for those who lack the ability to truly reason, But
for those who can, the rules become nothing more than guidelines, And
live their lives governed not by rules but by reason.
- James McGuigan
Jul 17 '05 #2
Amir Khawaja wrote:
OllimaX wrote:
Hi!

My trouble might be simple, but I'm quite new to php, and, perhaps I'm
even more simple.
It's that I had to chmod 777 two folders to get my scripts do what I
wanted them to do, and I don't like it.
I have a script running on my ISP's unix-apache -server. It is to read
string from a form, and create a text-file in a subfolder 'txt' from it.
The essential parts of the script is here:

$fnam=$HTTP_POST_VARS[filename];
$handle =fopen("txt/".$fnam, "w");
$teksti=$HTTP_POST_VARS[tekstikentta];
touch('txt/'.$fnam);
fwrite($handle,$teksti);
fclose($handle);

Can't be simpler.
This script didn't work until I did a chmod777 for both folders, the one
where this script is, and the 't' subfolder. Is there a way to get
around this?
Oll¡maX!


One thing of importance to note is that on UNIX the user/group of Apache
is inherited by the PHP interpreter. Hence, if your Apache process is
running as user "nobody" and group "nobody" and the folder you are
writing to has the user and group set to "OllimaX" respectively; then,
"chmod"ing the folder to 777 will allow the PHP interpreter to write to
that folder. One way to fix this issue is to change the owner of the
folder to "nobody" (you need root access for this operation) and chmod
the folder to 774 (or something lower if you desire).

Thanks for the information,
My script is on my ISP's server, and I don't have any root access. Are there
any other ways to get away with this?
OllimaX!

Jul 17 '05 #3
Olli Mäntyranta wrote:
Thanks for the information,
My script is on my ISP's server, and I don't have any root access. Are there
any other ways to get away with this?
OllimaX!


Unfortunately, there is no real way around this unless you have root
access. You can take some security measures though. For example, make
sure that the folder being written to is outside your web root. You may
also try:

* chmod the directory containing that folder to 777; then create a setup
script whose sole purpose is to create the needed folder where the files
will reside; then using the setup script, chmod that folder to 644. Once
you have done all that, chmod the parent folder back to 755 (or whatever
you had it as before).

Voila, you will now have a folder that your web process can write to.
However, since you do not have root access, the only way now to delete
that folder will be to write a un-install script and run it.

P.S. make sure your web process runs the setup and un-install scripts
for the aforementioned technique to work.

--
Amir Khawaja.

----------------------------------
Rules are written for those who lack the ability to truly reason, But
for those who can, the rules become nothing more than guidelines, And
live their lives governed not by rules but by reason.
- James McGuigan
Jul 17 '05 #4
Amir Khawaja <am**@gorebels.net> kirjoitti Sat, 24 Jan 2004 15:03:38 -0800:
Olli Mäntyranta wrote:
Thanks for the information,
My script is on my ISP's server, and I don't have any root access. Are
there any other ways to get away with this?

* chmod the directory containing that folder to 777; then create a setup
script whose sole purpose is to create the needed folder where the files
will reside; then using the setup script, chmod that folder to 644. Once
you have done all that, chmod the parent folder back to 755 (or whatever
you had it as before).

Hey this is great! I'll try this.
Thanks for your effort.

Oll¡maX
--
email : ollimantyranta"boing"sunpoint"boing"net
Jul 17 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Andrew Crowe | last post by:
Hi guys, We're using the ISAPI version of PHP with IIS5.0 On some websites for some reason any php file in the websites root is given the path winnt/system32 (getcwd() returns...
7
by: Kim Lots | last post by:
Hi Sorry to disturb you again but i really like to know what's the NTFS folder permissions on a "virtual directory" folder for a public webserver iis 5.x running ASP 3.0 with an Access DB on a...
3
by: roger | last post by:
I've created a web setup project for my aspnet app, and added a web folder item "tmp" to the File System editor under the web application folder. (My app uses this folder for generating image...
0
by: Praveen | last post by:
Hello. I am writing some code that accepts a DFS Link and Username and grants that User permissions to the physical directory that the DFS Link corresponds to. I am using the System.Management...
7
by: Tom | last post by:
Can anyone give me any advice on how to secure a folder on a network server so that documents in the folder can only be opened through an Access database or by the database admin. I need to store...
2
by: Ram | last post by:
Hey, I'v managed to find a way of adding NTFS permissions to a certain folder, But the problem is, the folder has a couple of inherited permissions which I want to delete. How can I remove the...
6
by: Jeff | last post by:
Hi - I understand how to create a directory folder, but how can I programatically create a _shared_ directory folder and set its permissions?? (I'm using VB.NET.) Thanks for your help. -...
5
by: Mitchell S. Honnert | last post by:
Is there a way, given the full path of a folder on a network, that one can programatically tell if you have Read access to that folder? I have an application where the user is able to select a...
2
by: skinnybloke | last post by:
Hi - I have a file permissions problem with PHP. I am using a product called Actinic to develop a shopping cart. This creates a subfolder named ACATALOG into which it loads all of its files. The...
6
by: Andy Fish | last post by:
Hi, From what I can gather, under Asp.Net 2.0, it is safe to put data and config files underneath the app_data in the web root and they will not be served directly to the browser from a URL. ...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
0
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
0
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
0
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
0
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.