1

I'm developing a WYSIWYG type site builder in JS for people who don't know HTML/CSS. It's all done, but I want to make this as simple as possible. In a perfect world, they'd just upload all the files to their host and be done with it. The problem I'm having is, I have some files and folders that need writing to, but PHP doesn't have permission unless I CHMOD those specific files and folders to 777.

I really don't want to do this and was hoping I had some alternative, nor do I want to be criticized for forcing CHMOD 777 upon everyone. Is there anything I can do (that would be simple for my users) to allow PHP to write to files/folders without having to grant permission to EVERYONE?

I can't have PHP create the files/folders itself because it doesn't have access to write to the root directory either.

Vidar Nordnes
  • 1,334
  • 10
  • 20
Jordan
  • 11
  • 1
  • 2

2 Answers2

3

You could chgrp the files to the web server's group (or PHP's, if it's set up to run as its own user) and chmod 770 them. But that wouldn't get you much securitywise.

Alternatively, you could do what some other PHP CMSes (like Joomla) do -- when a file needs to be modified, have the server connect back to itself via FTP (with the site owner's credentials) and upload the replacement file.

Truth be told, though, any way you choose to allow people to modify files on the server is going to have its pitfalls, and securitywise will generally be almost as bad as making the whole site world-writable. No matter how you do it, i suggest you make damn sure your authentication and access control mechanisms are up to snuff, as you're taking those responsibilities upon yourself especially when you allow web users to edit files.

cHao
  • 84,970
  • 20
  • 145
  • 172
  • Note that the FTP method does not gain you any security if the FTP password is stored in a file on the server. – PleaseStand Nov 04 '10 at 20:20
  • Not much, no. But it makes me less uncomfortable than the entire site being 777. The password can be in a .php file, and thus unavailable to random strangers unless the CMS is particularly boneheaded and allows access to files that shouldn't be modified (ie: itself and its config files). – cHao Nov 04 '10 at 20:27
  • I assume chmodding files to `660` would be quite sufficient, all those people who think their configuration files are executable `[/end pet peeve]` – Wrikken Nov 04 '10 at 20:29
  • if you chmod the whole site, 660 would make the directories unusable. Yeah, you could take the second step of adding execute permission to directories, but really it's simpler (and doesn't cause any real harm) to +x a PHP file that won't have a shebang line anyway. – cHao Nov 04 '10 at 20:31
0

Have the users CHMOD 777 the root directory, have your script create the new folder, and then have them restore the root directory's permissions.

ceejayoz
  • 176,543
  • 40
  • 303
  • 368
  • This answer seems like the simplest and most straight forward. Are there any repercussions to doing this? – Jordan Nov 04 '10 at 21:45
  • The main one I can think of is that if the user doesn't have root/sudo access, that folder will not be deletable if they decide to uninstall your app. – ceejayoz Nov 04 '10 at 21:53
  • Giving random users write access to critical system resources is *always* problematic. In the worst case, an intruder has planted a script which is sitting there waiting for a chance to install a root backdoor. That's instant privilege escalation as soon as it runs at a moment when it is able to modify the system root directory. – tripleee Jan 03 '18 at 08:16