Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP Upload file permission problems

Discussion in 'General Discussion' started by bridgeway04, Apr 7, 2010.

  1. bridgeway04

    bridgeway04 Member

    Joined:
    Jun 2, 2008
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Guys/Gals

    Im using a PHP upload script that was previously working flawlessly. Recently for some reason unknown to me, when i do a php file upload it assignes the file permissions: 600 and owner gets set to 99. Im not sure what eh owner was set to previously when it was working before the change, however i do know that permissions were set to: 644 by default when it was uploaded.

    The real problem is that I cant even download the file via ftp.

    So my question is: Is there an apache setting that was updated or changed that is causing this and can it be changed in a secure way? This has become a headache for me and i would like to get it resolved... Any ideas?

    :confused:
     
    #1 bridgeway04, Apr 7, 2010
  2. cPanelJamyn

    cPanelJamyn Social Engineer
    Staff Member

    Joined:
    Jan 29, 2009
    Messages:
    105
    Likes Received:
    2
    Trophy Points:
    143
    Hi,

    Without seeing the script in question, it's difficult to give you an accurate answer. However, it sounds like you are using suPHP for apache (good) but your script is acting as though you are still using DSO mode (bad). UID 99 is typically the 'nobody' user, which matches this theory.

    Is there a config file for your upload script that allows you to specify how it behaves in regards to ownership, and/or and what the perms should be for uploads? I'd also check to see if there is a newer version of whatever you're using that accounts for suPHP installs.
     
    #2 cPanelJamyn, Apr 7, 2010
  3. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    8
    Trophy Points:
    193
    Cpaneljamyn hit it right on target ....

    Your server is running PHP as a DSO (mod_php) which is very bad for many reasons including security, resource waste, and as you have now seen ownership conflicts.

    Any file uploaded by script under DSO will be given the owner "nobody" which is fine until you realize you have to access the file with some other account other than the generic Apache "nobody" user which might be you trying to edit the file or even the nightly backup process which will often skip those files and omit them from backup for the same reason.

    I strongly do not recommend using DSO based PHP on any server ....

    There is two strong alternatives that I would look to as to the type of PHP you should be using depending on your situation. On is SuPHP and the other is FCGI and there is certain advantages and strengths to each so which you go with really depends on your own situation but I would definitely look to getting one of those for your PHP platform.

    If you are on a shared hosting account and don't have access to change the PHP on your server then my advice is change hosts quickly.

    Regarding your immediate problem, you will need to change the permissions on the files to something other than 600 such as 644 or even 666 if necessary and then you should be able to fully access those files with your own login. If you are wondering how you can do that, you should be able to change the permissions from another PHP script because it will also execute as user "nobody" while your server still remains DSO based.

    Bottom line though is get off of DSO and you won't have this problem anymore.
     
    #3 Spiral, Apr 7, 2010
  4. meglio

    meglio Registered

    Joined:
    May 3, 2010
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    51
    The same problem, 666 does not help

    Hello.

    I have the same problem and I assigned 666 permission before to change file owner. Here is an example:

    exec("chmod 0777 /home/meglio/license.txt");
    exec("chown meglio /home/meglio/license.txt");

    license.txt now has all permissions, but owner is still "nobody".
    Any ideas?

    Thanks,
    Anton

    UPDATE

    My hosting provider support confirmed that we are not running suPHP and he proposed to reconfigure
    the server to run under suPHP.

    I currently have 2 big sites running on this server and I'm afraid if this switch will affect them somehow?
    The priority is to solve the problem by keeping everything working live on the server.
     
    #4 meglio, May 4, 2010
    Last edited: May 4, 2010
(You must log in or sign up to post here.)
Loading...
Similar Threads - Upload file permission
  1. linux4me2

    Files and Folders Uploaded By sFTP Have Incorrect Permissions

    linux4me2, Sep 8, 2017, in forum: EasyApache
    Replies:
    11
    Views:
    1,010
    cPanelMichael
    Oct 11, 2017
  2. WorkinOnIt

    SOLVED Incorrect upload File permissions 664

    WorkinOnIt, May 1, 2017, in forum: General Discussion
    Replies:
    17
    Views:
    1,268
    cPanelMichael
    Feb 12, 2018
  3. Marani

    Uploading Files with API issue

    Marani, Apr 15, 2018, in forum: cPanel Developers
    Replies:
    3
    Views:
    71
    cPanelMichael
    Apr 24, 2018 at 8:35 AM
  4. schendra

    User overquota but still can upload file via website

    schendra, Apr 8, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    47
    cPanelMichael
    Apr 10, 2018
  5. Bessalah

    problem with uploading an eicar test file on the server

    Bessalah, Mar 23, 2018, in forum: Security
    Replies:
    3
    Views:
    250
    fuzzylogic
    Mar 23, 2018

Share This Page