Re: [tlug] Arrrg! Permissions driving me nuts in PHP [SOLVED]

[Darren Cook <darren@example.com>]

>  > Does umask permissions take precedence over mkdir permissions? It might 
>  > be worth trying a umask 0 before the mkdir command.
> 
> Even if it works, you don't want to do that.  It opens your system up
> to potential directory traversal and trojan attacks because there's a
> race condition.

I'm not sure about how you get all that exciting stuff (The manual
describes it as "PHP's umask", so it only applies to PHP scripts), but
as the manual emphasizes you need to be careful in a web server as your
umask change will apply to all php scripts running in that web server.

So any other php scripts on your web server that do anything while these
three lines are being processed:
  $old=umask(0);
  mkdir($dirPath,0777);
  umask($old);

could be created with unexpected permissions.

I still think you should try it to see if works. Useful information, one
way or the other, in tracking down the problem.
(Or try Stephen's below idea first of checking/fixing permissions and
ownership on the parent directory of $dirPath.)

Darren

> really wants to fix the process owner/file owner skew.  My guess is an
> old owner spec of nobody for the parent directory with set-uid bit
> set.  (I can't remember whether that's supposed to make files inherit
> user ownership, but set-gid should work for inheriting group
> ownership.)  And now apache is running under www-data or apache.  Or
> something like that.


-- 
Darren Cook, Software Researcher/Developer

http://dcook.org/gobet/  (Shodan Go Bet - who will win?)
http://dcook.org/work/ (About me and my work)
http://dcook.org/blogs.html (My blogs and articles)