Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

group and owner permissions are wrong when php uploads files

Tags:

linux

php

permissions

Not sure if this is a php configuration or linux file permission issue. The problem I'm having is when a file is uploaded through php using move_uploaded_file() into the directory which has group set to ubuntu and owner set to www-data, the uploaded file owner and group permissions change to www-data which causes problems for my python script to come in and perform its task on the uploaded file.

example:

move_uploaded_file($tempFile,$targetSAVE);

--$targetSAVE directory is set to:

group: ubuntu
owner: www-data
permissions: 0755

--php uploaded file changes owner and group to www-data

new file changes to:
  group: www-data  <-- need this set to *ubuntu*
  owner: www-data
  permissions: 0755

--python script needs the group of the uploaded file set to ubuntu

how can I configure php to to set ownership or group of uploaded file to ubuntu or if this is a linux file permission issue how can i fix this?

All directories and sub directories are set to: group: ubuntu owner: ubuntu permissions: 0755 except the directory the files are being uploaded to, this is set to:

group: ubuntu
owner: www-data
permissions: 0755
like image 229
knittledan Avatar asked Oct 10 '22 19:10

knittledan

2 Answers

Found the solution. After pulling my hair out and trying all other responses it turned out to be very simple here's what worked. 

chown -R ubuntu:www-data /var/www/
chmod -R 775 /var/www/

After that the python script executed perfectly from php.

like image 150
knittledan Avatar answered Oct 13 '22 12:10

knittledan

This is happening because PHP runs as the user that runs the web server. In effect all websites on your system will run as this user/group and therefore all have access to read eachother's files and directories created by php scripts.

Installing Apache mod suPHP is probably the easiest solution to this problem. This will allow you to run php scripts in a virtual host as a specific user and group. You could also run PHP as a CGI and use Apache suEXEC but this is a bit more complicated to set up that suPHP.

Alternatively, you should just be able to chown files from your scripts to the appropriate user/group, but the effect will be that the web server no longer can read/edit those files once you change ownership of them.

like image 44
drew010 Avatar answered Oct 13 '22 12:10

drew010
Sign in to Comment

Related questions

PHP XML Validation Throws Fatal Exceptions When Passed Bad XML
CKEditor security best practices
HTML5: AJAX file upload with progress bar
How to encode a URL as a CakePHP parameter
How to allow PHP upload from only one domain?
Remove starting and ending spaces from XML elements
Trying to get property of non-object SimpleXML?
Is there a script available to split audio file in PHP?
How should I create one-off scheduled tasks in PHP? Cron?
Is there a standard way to cache doctrine objects?
string convert to array
how to output file to browser after jquery ajax call
Xsendfile File Not Found
How to deal with user permissions when dealing with admin system users and front-end website users?
Does json support arabic characters?
How to reorder this array?
Can I programmatically force changes to a file to propagate to all NFS clients?
Why must we assign a clone to a new variable?
What is the closest thing to 'date_default_timezone_set' in PHP4?
PHPDoc inline {@link} (and Netbeans)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!