write access dilemma

[myles7073]

hello all. i'm an aspiring web developer and i'm struggling with a problem that i can't seem to find a specific enough answer to. i have a php application i wrote for a website that allows an employee of the company to upload pictures of artwork into a directory which can be called upon by another application to display those images in a gallery to public visitors of the site. to accomplish this i had to chmod file permissions to 775 which grants write access in that image directory to the world. i understand this is a very bad security problem and i'm curious if there is a relatively simple solution that i haven't been lucky enough to find yet. any help would be very much appreciated.

[requinix]

There are a few but the easiest way is to make Apache/PHP own the directory you're uploading into. Then you can keep it as 0755. Downside is that you as a regular user (like with SSH or FTP) can't add or remove files yourself - you'd have to make PHP do it. (Or sudo.)

 

0. Move the current upload folder somewhere

1. chmod 0777 the parent directory (the one where the upload folder itself lives)

2. Have PHP mkdir() the new upload folder as 0777

3. Move the uploads yourself into that folder, or make PHP/sudo do it (in which case #2 and #4 aren't needed)

4. Have PHP chmod it back to 0755

Edited June 4, 2013 by requinix

[myles7073]

if i understand correctly

 

0- move current upload directory to make room for a new upload directory to be created by the php script

1- change the file permissions of the parent directory of the upload directory to 777

2- php script creates new upload directory and sets permissions to 777 so it can upload the images

3- can sudo be used on windows server? also, putting the images there myself defeats the purpose

4- php script finishes uploading images and changes file permission of upload directory back to 755

 

seems like that still leaves the parent directory of the upload folder wide open to the world ...? 

[requinix]

Yes, but

 

2. You don't need to change permissions to upload files. The 7 in 0755 will apply to Apache/PHP since it owns the folder, so it can do whatever it wants without needing any changes. I said 0777 just in case you manually (ie, not using code) wanted to move the existing files into their new home.

3. No. And you put the files that already exist there. You know, the ones in the directory from #0 that you had to move. Those files, you put them back into the new directory.

 

This is just a one-time thing. Once you move the files around and have the directory as 0755 you don't have to do anything else for the upload besides the actual move_uploaded_file(). No permission changes.

[kicken]

3- can sudo be used on windows server? also, putting the images there myself defeats the purpose

If you're on a windows server, then none of this chmod stuff really applies. Windows uses ACL for it's permission system which means you just add both your user and the server's user to the directory in question with the appropriate permissions.

[trq]

If you're on a windows server, then none of this chmod stuff really applies.

But who the hell uses Windows servers?

[448191]

Maybe I misunderstood but if the problem pertains to more options regarding file access permissions, I propose you look at setfacl. But it might require administrative control as its not available by default nor enabled on filesystems by default: http://linuxcommand.org/man_pages/setfacl1.html

 

You can avoid sudo and avoid many issues created by inflexible/unconfigurable code. But Tony might have a thing or two to say about it as he's probably more versed on the topic.

Edited June 4, 2013 by 448191