PDA

View Full Version : suPHP/PHP5 permissions



BigWil
12-01-2007, 01:12 PM
Haven't really ran any software under suPHP before. I have installed an application and it is using suPHP under PHP5. When uploading a file the permissions are being set like so:

-rw------- 1 username wheel 8959 Dec 1 13:07 logo.gif

Not only does the file not display in a web browser but isn't the group wheel going to be a HUGE security concern? Any ideas why this would be setting these permissions upon upload?

BigWil

BigWil
12-01-2007, 11:02 PM
Smtalk,

What suphp.conf file is being read at runtime? I don't think it is getting the umask=0022 value when it does. Seems that custombuild does install a suphp.conf file at /usr/local/suphp/etc/suphp.conf but I think it is ignoring the umask value for some reason.

My files are being set at 600 and web browsers can not read them.

BigWil

smtalk
12-02-2007, 12:49 AM
Yes, it's /usr/local/suphp/etc/suphp.conf. I think you have user:wheel because of this: http://directadmin.com/features.php?id=497

BigWil
12-02-2007, 01:35 AM
Nope... no wheel here.

drwxr-xr-x 25 username username 3072 Dec 1 12:53 public_html

And it is still chmoding uploads to 600 which makes those uploads pretty much useless. umask in the file says umask=0022 but it is chmoding them 600 whether we like it or not.

Any ideas?

BigWil

smtalk
12-02-2007, 01:37 AM
Did you compile suPHP by yourself? Try "./build suphp".

BigWil
12-02-2007, 02:38 AM
I installed it with ./build all d but I can try a suphp just for good measure.

Did a ./build suphp and it still says:
-rw------- 1 username wheel 8959 Dec 2 02:42 logo.gif

which is not visible by a browser

BigWil

chriske21
04-08-2008, 02:36 AM
make a new text file true php. that will get the rite permissions 644 when u set umask 0022. It haves something to do with apache and handeling image uploaded files. Apache somehow changes the permissions. I am still looking for an answer. When i know one ill post it here.
________
extreme vaporizer (http://extremevaporizer.net/)