Hey, so I'm trying to make a PHP image upload form. I've been able to successfully pull this off, but only by making the permissions of the folder I'm uploading to 777, or read/write/execute. Methinks this isn't such a good idea on the big wide intarwebs. I'm using 000webhost, which is apparently crappy, but it's also apparently the best free webhost. I believe what I need to do is somehow add whatever user is running PHP (at 000webhost) to a group, and then include the group in the read/write/execute permissions, but keep it at just "read" for everyone else. However, I don't know how to do this. Currently I am just setting permissions through Filezilla. I don't know what user is running PHP at the webserver, and I don't know how to add that user to have separate group permissions either.... Also, I think I'd like a similar setup for a password file, just without the read for everyone else, so the form can use PHP to check the password before uploading anything. Thanks

A: 

I'm not sure how your host has their things set up, but it's possible to make PHP scripts execute using the permissions of their owner using things like suPHP. It doesn't sound like your host is doing this, and in that case you can't really prevent people from messing with your files. File system security is an inherent problem with shared hosting. If possible, I would recommend getting a low-end VPS (Virtual Private Server).

Daniel Egeberg
A: 

CHMOD the parent folder to 0777, then have PHP call mkdir() to create the folder. The folder's owner would be the same as the PHP process' owner and you'll be able to move_uploaded_file() to that folder.

To illustrate, let's say you are uploading to folder /app/myapp/data/images. Then first delete the folder if it exists, then CHMOD /app/myapp/data/ to 0777. Finally write a simple PHP script to mkdir('/app/myapp/data/images');

Finally don't forget to reset the parent folder's permission to the original value ;)

Lukman
A: 

A low end VPS isn't really necessary for what you're trying to accomplish.

The biggest problem you're running into is the way the host is handling PHP (suPHP, DSO, CGI, mod_php). Depending on the methods that they utilize to load the PHP Processor will depend on how your permissions are handled.

In this case, it seems like PHP is simply being run as mod_php in Apache without the process being run as the User (yourself). It's simply being run as "nobody".

The fact that your host is allowing this to occur is highly, highly insecure and I very much suggest finding another web host that would make some attempt at protecting your data.

Once you find a new web host that runs phpSuExec (suPHP), you'll notice that things will probably start working with your script when it comes to permissions. You won't be able to use a chmod value of 777 again, however. The highest you'll be able to go is 755 due to security restrictions.

mrosenblatt
+1  A: 

You need to be very careful when allowing the web server write access to your system. In particular, you should make sure that the folder which is being written can't be used to upload PHP scripts to. Here's how you might improve matters:

  1. Create a folder for uploads which is outside of the web root

  2. Add this folder as a virtual directory

  3. Create a rule that denies access to all files in this folder. Then add in some rules allowing access to specific types (.gif, .png, .jpg presumably)

  4. In your upload script, verify that the type of the file is appropriate (image for example) and that the extension is appropriate.

There's still no guarantee that someone won't somehow upload a rogue PHP script to this folder but you just have to put as many safeguards in place as possible. There's a bit of Apache configuration involved so you might need to do a bit of digging on this. Just try to make sure at the end that it's not possible to execute PHP from within your folder.

-phil

PhilDin
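
Step 4 of the answer above (check both the file's type and its extension in the upload script), as an added example that is not part of the original thread. The upload path, the 2 MB cap and the form field name `image` are assumptions, and the code assumes PHP 7+ with the fileinfo extension enabled.

```php
<?php
// Added example; the path, size cap and field name are assumptions.
const UPLOAD_DIR = '/home/example/uploads'; // hypothetical, outside the web root
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = ['gif' => 'image/gif', 'png' => 'image/png', 'jpg' => 'image/jpeg'];

// Validates one $_FILES entry and returns the stored name; throws on rejection.
function store_image_upload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    $tmp = $file['tmp_name'];
    if (!is_uploaded_file($tmp) || filesize($tmp) > MAX_BYTES) {
        throw new RuntimeException('not an uploaded file, or too large');
    }

    // Extension check against an allowlist (case-insensitive).
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if ($ext === 'jpeg') {
        $ext = 'jpg';
    }
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('extension not allowed');
    }

    // Type check on the file's bytes; $file['type'] is sent by the browser
    // and cannot be trusted.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if ($mime !== ALLOWED[$ext] || getimagesize($tmp) === false) {
        throw new RuntimeException('content does not match the extension');
    }

    // Generate the stored name; keep nothing from the client except the
    // vetted extension, so "shell.php.jpg" or "../x.png" cannot matter.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($tmp, UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    chmod(UPLOAD_DIR . '/' . $name, 0644); // readable, never executable
    return $name;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['image'])) {
    try {
        echo 'stored as ', store_image_upload($_FILES['image']);
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'rejected: ', $e->getMessage();
    }
}
```

These checks complement the server-side deny rule from step 3 rather than replace it: a file can pass both checks and still contain embedded PHP, which is why the folder itself must not execute scripts.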