473,396 Members | 1,913 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > selective permission to write in the directory.

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Selective permission to write in the directory.

I want to create a publicly accessible php page which will generate
images (with the GD library) and store them in some directory. For
this I have to change the permission of directory (it has to be
writable for everybody). However, as far as I understand, this will
allow everybody to put in the directory whatever files. I would like
that only my php program has permission to write to the directory. Is
there any possibility to do that?

Jul 29 '07 #1
5 2157
You are reffering to other users with access (ssh, ftp, etc...) on the
same box.
Web users have no direct access to this folder (only through your
script which you can control)

Assuming you are on a unix machine using apache httpd:

You can give write access only to the user apache runs as.

Set apache user as owner:
chown -R apache.apache /path/to/writable/dir

Set permissions:
chmod -R 755 /path/to/writable/dir

Note: depending on your server's version and setup associated user
might be 'apache', 'nobody' or something else. If you are on a shared
hosting environment apache might be using your own user's permissions.

Hope this helps.

On Jul 29, 3:22 pm, Kurda Yon <kurda...@yahoo.comwrote:
I want to create a publicly accessible php page which will generate
images (with the GD library) and store them in some directory. For
this I have to change the permission of directory (it has to be
writable for everybody). However, as far as I understand, this will
allow everybody to put in the directory whatever files. I would like
that only my php program has permission to write to the directory. Is
there any possibility to do that?

Jul 29 '07 #2
Kurda Yon wrote:
I want to create a publicly accessible php page which will generate
images (with the GD library) and store them in some directory. For
this I have to change the permission of directory (it has to be
writable for everybody). However, as far as I understand, this will
allow everybody to put in the directory whatever files. I would like
that only my php program has permission to write to the directory. Is
there any possibility to do that?
Your PHP script will run under the Web Server's user id, and should
limit access to that id. It doesn't matter who is accessing your web
page. Other users should not have direct access (i.e. ftp) to the
directory.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Jul 29 '07 #3
I am not sure that I understood correctly. Is the logic as following?
All those, and only those, users which communicate with my server via
my php-script are seen by the server as 'nobody'. So, in the case if
ONLY 'nobody' has permission to write and execute the directory, the
content of the directory can be changed ONLY via my php-script. Do I
correctly understood?

Jul 29 '07 #4
bxd
On Jul 29, 5:30 pm, Kurda Yon <kurda...@yahoo.comwrote:
I am not sure that I understood correctly. Is the logic as following?
All those, and only those, users which communicate with my server via
my php-script are seen by the server as 'nobody'.
Something like that.
To put it another way, your webserver has access to the file system as
'nobody' (or whatever stands for your configuration).
Web users send requests to your webserver which handles them
appropriately (reads/writes files).
So, in the case if
ONLY 'nobody' has permission to write and execute the directory, the
content of the directory can be changed ONLY via my php-script. Do I
correctly understood?
Correct.

Jul 29 '07 #5
Kurda Yon wrote:
I am not sure that I understood correctly. Is the logic as following?
All those, and only those, users which communicate with my server via
my php-script are seen by the server as 'nobody'. So, in the case if
ONLY 'nobody' has permission to write and execute the directory, the
content of the directory can be changed ONLY via my php-script. Do I
correctly understood?
No ;)

There is a common confusion between "users" of your website and "users"
on your unix server. Users of the website are the people who visit it,
like me and you, users on the server are people and programs listed in
the server's /etc/passwd file. Website visitors have no rights on the
server, because they are not listed as "users" there. The permission
question is only relevant when we're talking about server users, not
about website visitors.
Most php installations are configured in the way that php scripts run
under the webserver user ("nobody", "www" or similar). On a shared
hosting, that means that the files you create can be also accessed by
everyone else hosted on the same server, because his scripts and yours
have same permissions.
php tries to solve this problem with notorious "safe mode", though it's
easy to fool around. You should consider dedicated hosting if security
is a concern.

--
gosha bine

extended php parser ~ http://code.google.com/p/pihipi
blok ~ http://www.tagarga.com/blok
Jul 29 '07 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
permission error on unlink, but who has permission if not PHP?
by: lawrence | last post by:
I wrote some code that let me upload a file to my server. Then I wrote some code to let me delete the file. But when I try to delete, I get this error: Warning: Unlink failed (Permission denied)...
PHP
2
predict directory write permission under windows?
by: Qiangning Hong | last post by:
I want to know if I can write files into a directory before I actually perferm the write behavor. I found os.access(path, os.W_OK) but it uses real uid/gid to check instead of euid/egid so it...
Python
11
File permission problem
by: Richard Muller | last post by:
Hi, I new to ASP. I have a problem with an ASP script opening a file for writing on my server. Here's how I got to this error: I downloaded a neat FileUpload ASP example from...
ASP / Active Server Pages
6
permission denied
by: Jean-Paul Lauque | last post by:
Hello, With my script ASP, I display list of folders and files in a directory. My problem is : when the directory is protected, I have a message an error page with "permission denied"...
ASP / Active Server Pages
2
Permission denied for copying file
by: Wanda | last post by:
Hi all, I have a permission denied error when I tried to copy a file from the local directory to another local directory by using the FSO (FileSystem) Set fso =...
ASP / Active Server Pages
9
Web App need permission to post files to a virtual directory
by: TPS | last post by:
I have a virtual directory where all posted files are stored. The ASP app does not have rights to the share on the other server where the vir dir resides. What is the best way to give the asp...
ASP.NET
0
Directory Permission Grumbles!
by: Jeremy | last post by:
I have an ASP.net application which needs to retreive images from multiple remote machines. It is reterieveing images generated by a web cam service on those machines. All of these machines,...
ASP.NET
0
Permission denied - help me please
by: private.anders | last post by:
Hi David! Really need assistance since I have been struggling with a problem long time now. I am running a web application on a Win 2003 Std (Active Directory). Everything works fine. I have...
ASP / Active Server Pages
0
Permission denied
by: private.anders | last post by:
Really need your assistance since I have been struggling with a problem long time now. I am running a web application on a Win 2003 Std (Active Directory). Everything works fine. I have...
ASP / Active Server Pages
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!