tags:

views:

428

answers:

2
+1  Q: 

Www-data User to Access files/folder outside of /var/www/

Ok, is there a way for the PHP user (www-data) to gain access to other parts of the server, for example, /home/username/another_folder/ ?? Thanks in Advance.

Will

EDIT: Do I just add www-data to another group?? Or something like that, or is there another way?

+2  A: 

you can create another group and add the www-data (if your webserver runs under www-data user) to this group, then assign this group to all those files you want to be accessed.

or if you just need the read permission, and it is not an issue that other users on the system have read access to your files, then just change permissions of your files (in other places) to have the read permission for other. fore xample 775 for your directories and 644 for your files.

remember that you can not serve pages in places other than your Document Root (for example /var/www), even though your webserver user has the permissions to access those files.

However if you configure "aliases" or "virtual hosts" for your web server, you can make places other that your default document root, accessible by HTTP requests.

but PHP files that are under your document root and executed by the web server, CAN read contents of files outside the document root IF the web server user has enough permissions.

// file permissoins
/tmp/shared_by_all.txt -> 644
/home/user1 -> 751 or 755
/home/user1/shared_by_all.txt -> 644
/home/secureuser -> 750
/home/secureuser/myfile.txt -> 640 (or even 644 because of the containing directory permissions, other can not even enter the directory tree. so file is not accessible)


// file: /var/www/read_file.php
<?php
    echo file_get_contents('/tmp/shared_by_all.txt'); // ok!
    echo file_get_contents('/home/user1/shared_by_all.txt'); // ok!;
    echo file_get_contents('/home/secureuser/myfile.txt'); // fail!;
?>
farzad  2010-02-07 04:32:03
I appreciate that. I was looking for write permissions, not just read. However, I like what you had to say.
lucha libre  2010-02-07 05:25:54
+2  A: 

You could change the group ownership (chgrp) of your folder to www-data (if www-data is its own group.)

You could change the user ownership of that folder (chown) and chmod it so that multiple users can access it. (Like farzad said)

You could create a group ("me_and_web") whose only members are "username" and "www-data", and chgrp -R me_and_web /home/username/another_folder

rascher  2010-02-07 04:33:27

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases