Jump to content


Photo

File Permissions


  • Please log in to reply
3 replies to this topic

#1 daskunk

daskunk

    Rank I Member

  • Members
  • Pip
  • 13 posts

Posted 24 February 2019 - 04:51 AM

I have a question regarding file permissions and ownership when using the File Manager in CPANEL and running PHP scripts.

 

When I log into CPANEL with my userid, and upload a file to a folder in my public_html space using File Manager, who is the "owner" of that file? It is my userid?

 

If so, then why does this happen. If I create a PHP script which displays a link to the file I uploaded, and then I try to access that file by running the PHP script in a web browser and clicking on the link, I need to have the public (world) permission bit set. In other words if I set the file permission to 0640, I'm unable to open it via the PHP script. But if I change it to 0644, then I can read it.

 

I thought maybe it was because the PHP scripts are running under some default userid that you control, but I added this call to my script

    $username = posix_getpwuid(posix_geteuid())['name'];

and it tells me that the PHP script is executing under my userid (the same one I use to log into CPANEL and upload the file). So if my userid owns the file, and my userid is executing the PHP script, then why do I need 0644? Why isn't 0640 sufficient?

 

Sorry if it's a stupid question, but I'm used to being able to ls -altr on a linux box in order to see the owners of all the files in a directory, but with the CPANEL File Manager I can only see the permissions of the files.

 

Thanks very much



#2 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 17,575 posts
  • Gender:Male

Posted 24 February 2019 - 06:38 AM

My guess is that apache has to read the file first in order to pass it to php. Apache runs as the user nobody so it needs other readable permissions to even see the php script. Then once the php script is passed to php it is executed as your userid. I suspect if you ran a cronjob on a php script with 640 permissions it would work.

#3 daskunk

daskunk

    Rank I Member

  • Members
  • Pip
  • 13 posts

Posted 24 February 2019 - 03:18 PM

Thank you for the response. So is there any way with CPANEL (File Manager) to add Apache (e.g. nobody) to the permission group for the files in that folder so I can leave the permissions at 640 instead of 644?



#4 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 17,575 posts
  • Gender:Male

Posted 24 February 2019 - 07:48 PM

No.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users