I have a script that creates a directory "createddir" and sets the chmod to 777 (just for this test really..)
I then want to create subfolders, but then the script fails. because of safe mode.
Why was I able to create that first folder then? Is it because the folder now has different perms different from the gallery.php file which was uploaded via ftp?
Is there any way around this? This is a script for sale, I cannot ask people to simply disable safe mode as their host may not allow that.
Warning: mkdir() [function.mkdir]: SAFE MODE Restriction in effect.
The script whose uid is 10005 is not allowed to access
/var/www/vhosts/yyy/httpdocs/zzz/files/createddir owned by uid 33 in
/var/www/vhosts/yyy/httpdocs/zzz/files/gallery.php on line 254
there is no way to solve it.
Either turn safe mode off or create these folders from FTP client
As i can see and understand you don't have access to that folder. Try chown.
For help: man chown
EDIT:
I did not tested this:
http://www.php.net/manual/en/function.chown.php
Take a look.
Related
I have written a PHP script for file uploading and for testing I gave my upload directory 777 permissions. The script works fine.
Now I want to remove execute permissions for obvious reasons, but once I do that, I get the following error:
move_uploaded_file([filepath]) [function.move-uploaded-file]: failed to open stream: Permission denied
Just taking the permissions down from 777 to 776 causes this error to appear when I try to upload a file. I don't understand why having execute permissions should have anything to do with this - can someone PLEASE shed some light?
Thank you!
A directory must have execute permission to be accessible in Unix & Linux.
Quoting from here:
On a directory, the execute permission (also called the "search bit")
allows you to access files in the directory and enter it, with the cd
command, for example. However, note that although the execute bit lets
you enter the directory, you're not allowed to list its contents,
unless you also have the read permissions to that directory.
I agree with lserni that the fact that revoking execute permission on the directory for O (the third digit) causes the problem is worrisome as it indicates that the webserver is accessing the directory neither as owner nor as member of the group. You should fix that.
Just taking the permissions down from 777 to 776 causes this error to appear
This shouldn't happen. You ought to be able to run with 770 permissions, i.e., the directory should be owned by the Website user ID, with the group of web server.
This way the owner and the webserver are both able to manipulate the directory and the data. Ideally the Web server serving your website ought to assume the same user ID as the website owner, and that way you can keep the directory mode 700 and have it read-writeable and listable only by you.
If the last digit of the permissions is biting you, it means that the server is running with permissions for "everyone", which may be okay for a development site but isn't too good on a shared site (imagine your passwords being readable by any other website owner in the machine).
However, if you're running on a test machine, the 777 permissions are okay. Directory executable bit does not mean executable (a directory can't be executed anyway) but merely 'listable'. Without that bit, you can create and delete files but you can't know whether they're really there, and move_uploaded_files is objecting to this situation.
There are other solutions (e.g. chrooting each virtualhost in Apache); see also What are best practices for permissions on Apache-writable directories?
for removing the execute permissions you need to execute following commands..
chown -R nobody upload_directory
chmod -R 755 upload_directory
The first command changes the owner of your upload_directory and files under it to 'nobody' which is what php operates under. The second changes the upload_directory and files to only allow user access to writing. -R is for Recursive..
On my (shared) webhost, I'm using PHP's curl and fopen to download and save a remote XML-file to a specific directory. The system has to read and execute it later.
Right now, I've created the directory beforehand (permissions: 777) and the system is able to write the XML-file in the directory.
I am afraid that giving permissions to anyone to read, write and execute is a security risk.
Therefore, my questions are:
Is setting chmod to 777 a security risk in this case?
Is there a way to achieve the desired results without setting chmod to 777?
(Since I am a beginner, I'm not (yet) familiar with file users, file groups and file permissions. Is there a way that only "the system" is able to read, execute and write?)
You should avoid 777 alltogether.
There is a way. Such problems are better solved via chown than chmod. One way is to make sure the user that writes the files (normally apache or www) belongs to the group of the folder owner then set permissions to maxiamlly 775.
To allow only the owner to read, execute, and write, change the permissions to 0700.
I am trying to create a folder and fopen a file inside that folder.
mkdir works fine for creating the folder (as the parent folder has 777 permission), but the resulting folder is owned by user id 99 while the script itself is running under cpanel with user id 32024. Now when I try to create a file inside this folder, I get:
SAFE MODE Restriction in effect. The script whose uid is 32024 is not allowed to access /<path_of_file>/<folder_created_by_php> owned by uid 99
This error is fully justifiable as I am trying to write to a folder owned by someone else but how can a script running under 32024 create a folder with owner as 99? Anything wrong with the way server is behaving? Any ideas?
Your problem is related to the safe mode setting on php:
Check this out for more information: http://www.serverschool.com/dedicated-servers/what-is-php-safe-mode/ You'll have all the information to understand what is safe mode actually...
Just ask for your developers NOT to use safe_mode as it is a features unrecommended on all servers these days...
You can try to include both users 99 and 32024 to the same group and chmod('yourfilename', 0775) after you create that file
I want to write text file using PHP.
I can write it using fopen and fwrite function on Windows platform. But, that program is not able to write it on Linux Platform.
Is there any solution?
fopen and fwrite work exactly the same on Linux, but you may have a permission issue there. To solve this, you need to check:
the user under which PHP runs (in a vanilla Apache/PHP install, this is usually www-data)
the permissions and ownership of the directory you are trying to write to
What you need is write permission on the directory for the PHP/Apache user. The easiest (and dirtiest) way of achieving this is is to just make the directory world-writable (chmod o+w the_dir), but this is highly insecure, allowing anyone with any kind of access to the system to store stuff there. A better solution is to either make the PHP user the owner of the directory and specify permission 700 (or 755 if you want it to be world-readable), or create a new group, put the PHP user and yourself in that group, set the group on the directory, and set permission 770 (775 for world-readability) on the directory.
It should work, please check the users permission to the directory and/or file.
You always can try this program writing to /tmp/my.log, it should work)
Of course, you can use the same fopen and fwrite functions on Linux.
The only special thing is that the folder where it's written (or at least the file itself) must be given write permissions.
An easy way to test it would be to set the file permission (or its folder) to 777.
fopen and fwrite works on both SO.
Probabily you have permission denied. Try to give write perms on your file on linux.
You can use php chmod func
I recently moved my website to a new host and now am experiencing some broken code..
I have an uploading script that is now returning this:
move_uploaded_file() failed to open
stream: Permission denied in *..
I've set the upload directory to 777 which worked fine, but my script is needed to have top level permissions..
(As the script itself sets permission to directories, does lots of copying etc)
Is there a way in apache I can set the PHP script to the owner of all the folders on my server?
Thanks
Also
When looking in phpInfo()
Under
apache2handler
User/Group nobody(99)/99
Is this related?
I wouldn't go that route, just give it permissions to the defined upload_tmp_dir, or define upload_tmp_dir to be a directory you have access to. If it is that directory you have problems with. If the target is the problem, and you've 777'ed it, something fishy is going on.
Do you have ssh access to your new host? The reason I ask is that it's probably not best to use the username/group as nobody, as most other services would use this too. I would change it to something like apache
You can then update httpd.conf, adding in these two lines (reloading the config after):
User apache
Group apache
Then, run chown apache:apache -R dir_name to make apache own it.
well,
When you are trying to set the permission like "0777", you must be running on same authority.
What I mean is.
For example, your script tells to change a folder/file permission to 0777, but the folder or file already has a permission and that is '0755' so you are not authorised to make that change. as the user have only 5 authority.
Either, you need to login to FTP and change the folder permission to 0777 and then you have full control over it or you have to stick with using 0755 or similar.