Dear All I have some basic question in regard to file operations.
*1. file_manage table* Whenever we use file_save_upload api to upload a file, I can see one corresponding row is added to file_manage table. My question is, the row in file_manage table is temporary one or it will be there always. I am planning to read some information from file_manage table afterwards, if it is just a temporary entry, probably I will be in trouble.
*2. File / directory permission* My hosting is a linux based hosting. My understanding is whenever a user uploads a file, finally the web server writes the file to system. So the webserver application is the owner.
In my case, first I create a folder (with permission 0755), and then write the file (with permission 0664) to that folder. Next time I want to delete the old file and write a new file it is not possible from same user who wrote the file last time or from any other user. Can somebody explain me why the permission issue comes here as always it is the webserver that writes the file, so virtually owner remains same.
If I keep the folder permission 0777 then second time file write is possible.
And, by keeping folder permission 0777, am I bringing up a security issue here....
Thanks and Regards Austin
On Fri, Oct 26, 2012 at 9:36 PM, Austin Einter austin.einter@gmail.com wrote:
If I keep the folder permission 0777 then second time file write is possible.
I would probably do 775 instead assuming the group id is the same as the webserver group id. You can also do 755 if the owner is the webserver owner. (By webserver owner, I mean the user id of the process running httpd.)
And, by keeping folder permission 0777, am I bringing up a security issue here....
Yes, you have opened world write to the folder. You might even do 770 if you really want to be secure so that no one but the directory owner id and the httpd process group id can read/write/execute in that directory.
You just need to make sure that the webserver process can read/write/execute.
-
Austin Einter -
Earnie Boyd