File permissions issue for world role (read/write)

Operating System & Version
linux 3.10.0-962.3.2.lve1.5.42.el7.x86_64
cPanel & WHM Version
cPanel 86.0 (build 36)

gkaza

Registered
Feb 16, 2021
2
0
1
Athens
cPanel Access Level
Website Owner
Hi everyone,

I have an issue regarding permissions in my server.
I set permissions to myfile.txt using the cpanel file manager. The permission is set to 600.

Then I run this code in a php script to write to the file:

PHP:
$myfile = fopen("myfile.txt", "w") or die("Unable to open file for write!");
$date = date("d/m : H:i:s");
fwrite($myfile, $date);
fclose($myfile);
And then I run this code to read the file:

PHP:
$myfile = fopen("myfile.txt", "r") or die("Unable to open file for read!");
echo nl2br (fread($myfile,filesize("myfile.txt")));
fclose($myfile);
I expect both write and read to fail but they don’t.
I would expect a permission of ??6 for the php script to work properly.

Am I missing something here? What is wrong?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,418
1,000
313
cPanel Access Level
Root Administrator
Hey there! If your PHP script is running as the cPanel user, 600 would work as you're seeing. The 600 permissions would give read and write permissions to the owner of the file, so as long as the PHP script itself is run by the same user it would be able to write to it.
 

gkaza

Registered
Feb 16, 2021
2
0
1
Athens
cPanel Access Level
Website Owner
Hey cPRex,
Thanks for clarifying. That's what I thought. It is possible that PHP runs as the cPanel user instead of the world role.

Shouldn't the php run as the world role for security reasons? At least, I would prefer it that way because it provides more flexibility.

Is this some kind of configuration or is it built in the cPanel's behavior?
How can I tell if this is the case?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,418
1,000
313
cPanel Access Level
Root Administrator
If you're using ruid2 or suPHP as the PHP handler, the script would be executed as the cPanel user. That allows files and directories created by automated tools like WordPress to have the correct permissions to be managed by the user.

If you check your PHP handler in WHM >> MultiPHP Manager you can confirm this. Were you just accessing the PHP script from a web page?