|
Home > Archive > Web Servers on Unix and Linux > May 2004 > Apache/PHP and file write permissions
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Apache/PHP and file write permissions
|
|
| Rudolf Potucek 2004-05-04, 5:35 am |
| Hi All!
I am trying to have access restrictions in a unix filesystem but to also
write a file from Apache/PHP. The problem is that apache tells me
permission denied and I don;t understand why:
I have a file:
-rw-r--r-- www-priv.www-data myfile
and a directory:
drwxr-xr-x www-priv.www-data mydir
My apache is running a User=www-priv and Group=www-priv. So, in my
understanding of filesystem permissions, it should be able to either
write to file myfile or create a file myfile in mydir. It won't. I
actually have to set the OTHER permissions to writeable, which is exactly
what I want to avoid ... anyone have a clue why this is happening and
what to do about it?
Thanks,
RUdolf
--
You just might be a graduate student if...
* your desk/cubicle is better decorated than your apartment.
* you have ever brought a scholarly article to a bar.
* everything reminds you of something in your discipline.
* you have ever discussed academic matters at a sporting event.
* you have ever spent more than $50 on photocopying while researching a
single paper.
* you can tell the time of day by looking at the traffic flow at the library.
* you look forward to summers because you're more productive without the
distraction of classes.
* you regard ibuprofen as a vitamin.
* professors don't really care when you turn in work anymore.
* you find the bibliographies of books more interesting than the actual text.
* you have given up trying to keep your books organized and are now just
trying to keep them all in the same general area.
* you have accepted guilt as an inherent feature of relaxation.
* you find yourself explaining to children that you are in "20th grade".
* you frequently wonder how long you can live on pasta without getting scurvy.
* you look forward to taking some time off to do laundry.
| |
| Rusty Wright 2004-05-04, 9:36 pm |
| As a test change the permission of mydir to 777 and delete myfile and
let apache/php create the file and see who owns it. Perhaps apache is
not really running as www-priv.
Rudolf Potucek <potucek@acs1.acs.ucalgary.ca> writes:
> Hi All!
>
> I am trying to have access restrictions in a unix filesystem but to also
> write a file from Apache/PHP. The problem is that apache tells me
> permission denied and I don;t understand why:
>
> I have a file:
>
> -rw-r--r-- www-priv.www-data myfile
>
> and a directory:
>
> drwxr-xr-x www-priv.www-data mydir
>
>
> My apache is running a User=www-priv and Group=www-priv. So, in my
> understanding of filesystem permissions, it should be able to either
> write to file myfile or create a file myfile in mydir. It won't. I
> actually have to set the OTHER permissions to writeable, which is exactly
> what I want to avoid ... anyone have a clue why this is happening and
> what to do about it?
>
> Thanks,
>
> RUdolf
| |
| Rudolf Potucek 2004-05-04, 9:36 pm |
| I thought of that ... and I get the expected: www-priv.www-priv other
suggestions?
Rudolf
In comp.infosystems.www.servers.unix Rusty Wright <rusty@socrates.berkeley.edu> wrote:
: As a test change the permission of mydir to 777 and delete myfile and
: let apache/php create the file and see who owns it. Perhaps apache is
: not really running as www-priv.
--
People often find it easier to be a result of the past than a cause of
the future.
| |
| David Logan 2004-05-04, 10:36 pm |
| I thought of a case you may be overlooking, so I ran a test:
drwx------ 2 root root 4096 May 4 19:52 .
drwxr-xr-x 24 root root 4096 May 4 19:52 ..
-rwx------ 1 djlogan djlogan 0 May 4 19:52 test2
What we have here is a directory, not owned by the owner of the file.
The owner of the directory did not give execute permissions to the
directory itself. The owner has write permissions to the file, but that
is immaterial since he cannot write to the directory. Write access is
not necessary, but execute access is.
Another thing to consider is if there is a symbolic link anywhere. That
may play a part in your permissions.
Or if NFS or Samba plays a part.
"su www-priv" and test it that way. Whatever you can do in this respect
should be doable by the server.
Another: Are you running a script that is doing a setuid/setgid or
something similar?
David Logan
Rusty Wright wrote:[vbcol=seagreen]
> As a test change the permission of mydir to 777 and delete myfile and
> let apache/php create the file and see who owns it. Perhaps apache is
> not really running as www-priv.
>
> Rudolf Potucek <potucek@acs1.acs.ucalgary.ca> writes:
>
>
| |
| Rudolf Potucek 2004-05-04, 10:36 pm |
| Ah duh ... it's a php feature ... it's called safe_mode_gid ... sorry for
the static!
Rudolf
In comp.infosystems.www.servers.unix Rudolf Potucek <potucek@acs1.acs.ucalgary.ca> wrote:
: Hi All!
: I am trying to have access restrictions in a unix filesystem but to also
: write a file from Apache/PHP. The problem is that apache tells me
: permission denied and I don;t understand why:
: I have a file:
: -rw-r--r-- www-priv.www-data myfile
: and a directory:
: drwxr-xr-x www-priv.www-data mydir
: My apache is running a User=www-priv and Group=www-priv. So, in my
: understanding of filesystem permissions, it should be able to either
: write to file myfile or create a file myfile in mydir. It won't. I
: actually have to set the OTHER permissions to writeable, which is exactly
: what I want to avoid ... anyone have a clue why this is happening and
: what to do about it?
: Thanks,
: RUdolf
--
Yesterday upon the stair
I met a man who wasn't there.
He wasn't there again today --
I think he's from the CIA.
|
|
|
|
|