[program-l] Re: Apache/linux server dynamically changing file/folder permissions?
- From: "Homme, James" <james.homme@xxxxxxxxxxxx>
- To: "program-l@xxxxxxxxxxxxx" <program-l@xxxxxxxxxxxxx>
- Date: Tue, 3 Sep 2013 20:01:34 +0000
Hi Jacob,
Maybe you write a process that does all of the file I/O that is able to run as
someone with better settings and pass a return code back to your web
application? Is that possible?
Jim
From: program-l-bounce@xxxxxxxxxxxxx [mailto:program-l-bounce@xxxxxxxxxxxxx] On
Behalf Of Jacob Kruger
Sent: Tuesday, September 03, 2013 9:28 AM
To: program-l@xxxxxxxxxxxxx
Subject: [program-l] Re: Apache/linux server dynamically changing file/folder
permissions?
Problem is think this has to do with apache's handling of file serving itself -
as in, since you're posting both change/write actions and retrieval requests
via apache itself, it's the one handling the relevant permissions in terms of
type of activity.
Either way, think we've sorted it out by setting a slightly different default
permission level for the sort of root of that site's instance on the server,
but let's see.
Primary thing was just that it seemed like apache, or some other process was
resetting file permissions on-the-fly, such that just after had specifically
told apache to allocate/allow specific permissions on a folder/file, by the
time the next page request, or image file request was to be processed - within
like 1 second later, it was telling the browser that, nope, sorry, you're only
allowed to execute that file, and not just read/retrieve it, etc. etc.
Stay well
Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'
----- Original Message -----
From: Homme, James<mailto:james.homme@xxxxxxxxxxxx>
To: program-l@xxxxxxxxxxxxx<mailto:program-l@xxxxxxxxxxxxx>
Sent: Tuesday, September 03, 2013 2:22 PM
Subject: [program-l] Re: Apache/linux server dynamically changing file/folder
permissions?
Hi Jacob,
My memory tells me that Apache runs as a user called nobody. That user has very
little permissions. That is for security reasons. I'm not sure what the best
solution for this is in your scase.
Thanks.
Jim
From: program-l-bounce@xxxxxxxxxxxxx<mailto:program-l-bounce@xxxxxxxxxxxxx>
[mailto:program-l-bounce@xxxxxxxxxxxxx] On Behalf Of Jacob Kruger
Sent: Saturday, August 31, 2013 7:09 PM
To: Program-l
Subject: [program-l] Apache/linux server dynamically changing file/folder
permissions?
Just posting this here in case someone has an idea about how to 'fix' this/work
around it - since haven't managed to find anything via 'net, or other PHP
specific mailing lists as of yet.
In that small/simple content-management-system posted about other day, issue
seems to be that while am continually/consistently setting output file and
folder permissions to 0776 - owner and group rwx, and public rw - for now -
using PHP's chmod() function, before and after trying to copy/generate any
output content for it, the server seems to be
consistently/dynamically/immediately resetting the permissions to something
slightly different, which won't let me then view/browse all the content.
Silly/simple example is that I will handle image file upload, and copy uploaded
image to a folder in a script, but, sort of immediately, that image, and the
folder it's in, and that one's parent folder are
invisible/unavailable/inaccessible.
Before I then run a sort of recursive script to again reset all content
permissions, I can't even browse the content via FTP interface - for example.
When generating output/static content, I am also then consistently/continually
resetting path permissions just before/after creating folders and files, if
necessary, and that seems to work, some of the time, but, not for everything.
Am going to try it out on another server, just to try figure/find out if it's a
specific issue for this server/part of file structure, or something, but, bit
irritating thus far...<smile>
Stay well
Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'
________________________________
This e-mail and any attachments to it are confidential and are intended solely
for use of the individual or entity to whom they are addressed. If you have
received this e-mail in error, please notify the sender immediately and then
delete it. If you are not the intended recipient, you must not keep, use,
disclose, copy or distribute this e-mail without the author's prior permission.
The views expressed in this e-mail message do not necessarily represent the
views of Highmark, its diversified business, or affiliates.
Other related posts:
