Evren Yurtesen
Home arrow Downloads arrow H-Spherearrow Fix permissions of PHP created files/directories (ascii + non-ascii filenames)
Thursday, 19 September 2019
 
 
Newsflash

The http://dev.yurtesen.com is officially opened! You can register and submit your articles and guides. We will examine them and publish.

 

Fix permissions of PHP created files/directories (ascii + non-ascii filenames) Download

Description:

When you run this script. It checks the files and fixes the permissions so the files created by PHP will be counted towards user quota and PHP still will be able to access them while public write access is removed. You should run it from cron periodically.

The files will have the following ownerships and permissions, user:httpd mode 770 and directories, httpd:user mode 770. But only if the files are not owned by 'user' or have permissions of 777 and only if the directories do not have the group of 'user' or have permissions of 777.

It is required to have the directories httpd:user so the created files will have ownership of httpd:user because if the created files had httpd:httpd would fail. OK for you who got confused, this is how ownerships in FreeBSD works, in FreeBSD the new files and directories inherit the group id of the parent directory. So if the parent has user:httpd then the files generated by PHP would have httpd:httpd ownerships and this would cause problems with safe_mode. But when the parent is httpd:user the generated files would have httpd:user permissions which would be accessible by PHP even when safe_mode is enabled (with the aid of safe_mode_gid = On PHP option). So problems of Linux safe_mode usage is nonexistent if you are using FreeBSD. Also directories do not add up to the quota a lot so it is reasonable to have httpd:user ownerships

For safe_mode to work properly in my servers I have the following options in my php.ini (for php5)

safe_mode = On
safe_mode_gid = On
safe_mode_include_dir = /hsphere/shared/apache/libexec/php5ext/php
safe_mode_exec_dir = /usr/local/safebin
safe_mode_allowed_env_vars = PHP_
safe_mode_protected_env_vars = LD_LIBRARY_PATH

Here it is required to have 'safe_mode_gid = On' to relax the checks to GID checks as files created by PHP will have httpd:user ownerships.

Changelog:
# v0.0.1 - Initial version
# v0.0.2 - Added further refinements to find command
# v0.0.3 - Added Linux compatibility
# v0.0.4 - Ignore /hsphere/local/home/cpanel if run on CP server
# v0.0.5 - Fixed an overseen fact and now we can set directories 770 also
# v0.0.6 - Complete rewrite by using the -exec of find command (unicode/non-ascii support)
# v0.0.7 - Fixed setting permissions for folders with httpd:user where user didnt have write perms
# v0.0.8 - Fixed a problem with users changing domain.com permissions to 777.
# H-Sphere doesnt like it if domain.com is owned by httpd...
# v0.0.9 - Needed to chown directories to $user:$user after all...
# v0.1.0 - Fix a bug introduced in previous version which was messing ~user owner/perms
# v0.1.1 - Fixed a bug which was causing log and ssl.conf directories being chowned 

NOTE: PLEASE USE ON YOUR OWN RISK!

Submitted By:
Evren Yurtesen (admin)
Submitted On:
26 Mar 2008
File Size:
3.73 Kb
Downloads:
277
File Version:
v0.1.1
File Author:
Evren Yurtesen
File HomePage:
Click to visit site
File Date:
26 Mar 2008
Rating:
Total Votes:1
Be the first to comment! Please sign in or register.
Google Search
Donate For My Work

Amazon Search


 
Top! Top!