Re: mod_fcgid upload permission changes.

[Toni Moreno <toni.moreno@xxxxxxxxx>]

Hi Ben, Eric , I'm developing a centraliced IT-Administration platform.( http://sourceforge.net/projects/itsat/ ) 

Each user has a HTTP certificate, and a OS user in the platform who belongs to a generic "itsatadm" group, and the only way to put files should be by HTTPS . Not SCP or SFTP allowed.

In this environment , I need execute php scripts with arbitrary EUID permisions( EUID depents on the user who makes POST)  . 

Upload ( file transfer and storing)  is done by apache , not me!

I've tested your suggestion (  by adding a chmod  while still root)  but doen't work:

:PHP ERROR [2] : fopen(/tmp/phpaP806V) [<a href="" failed to open stream: Permission denied.

==========================
Your Suggestion execution level stack ( Not working)
==========================

apache(itsat:itsatadm) -> writes data with mod_php ( 640)
> mod_fcgid (itsat:itsatadm) -> leaves /tmp/XXXX ( 600 )
>> php-cgi ( root:itsatadm) -> leaves /tmp/XXXX 
>>> my_upload_handler.php ( as root)
---------> (* added) chmod /tmp/XXXXX ( 1200 )
---------> change EUID ( as $user )
---------> ( do things)
---------> read /tmp/XXXX and store to  ~$user/
---------> finish upload

==================

I 've  finally bypassed this trouble setting effective permissions to root ONLY to open the temporal file.

posix_seteuid(0) // as root
 fopen(/tmp/phpaP806V)
posix_seteuid($user);


================================
Bypassed execution level stack (IT WORKS)
================================

apache(itsat:itsatadm) -> writes data with mod_php ( 640)
> mod_fcgid (itsat:itsatadm) -> leaves /tmp/XXXX ( 600 )
>> php-cgi ( root:itsatadm) -> leaves /tmp/XXXX 
>>> my_upload_handler.php ( as root)
---------> change EUID ( as $user )
---------> ( do things)
---------> posix_seteuid(0)
---------> fopen(/tmp/XXXX)
---------> posix_seteuid($user)
---------> store file to  ~$user/
---------> finish upload
 
But this is NOT the best solution since my_upload_handler.php is a third party library !!!!.

I will look for a better solution in the future. 

Finally I can't  understand what is doing internaly apache/mod_fgcid/php-cgi. with umask while uploading file..

Thanks to all ( Eric and Ben).

:)

2012/12/11 Ben Johnson <ben@xxxxxxxxxxxxxxxx>

On 12/11/2012 1:12 PM, Eric Covener wrote:
> On Tue, Dec 11, 2012 at 1:01 PM, Toni Moreno <toni.moreno@xxxxxxxxx> wrote:
>> I would be happy to know  another way to upload files for any users on the
>> system through HTTPS.
>
> mod_fcgid doesn't do this for you. If you POST to a fastcgi, read the
> post body in whatever direct way your language provides.  Don't try to
> figure out what temporary file the server may have created in the
> background and read it as a file.
>
>
>> But the question is why mod_fcgid changes apache umask ? is the correct way
>> to proceed , a undefined configuration , or a bug?
>
> Read your systems manual entry for "mkstemp".  This family of
> functions doesn't create files with the just the umask masked off, it
> explicitly controls them.
>

Toni, to add to what Eric said above, I think most of us are trying to
understand why you are attempting to control file permissions at the
Apache layer (or worse, the OS layer).

Applications should be portable. If you move your application to another
server, it should function the same way. By attempting to control the
initial permissions with which Apache creates files, you are violating a
fundamental tenet of the portability principle.

If I read your original post correctly, PHP should have the permissions
required to call chmod('/tmp/fcgid.tmp.PEozaa/', octdec('0644)). Problem
solved.

-Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

--

Att

Toni Moreno

699706656

 

Si no quieres perderte en el olvido tan pronto como estés muerto y corrompido,

escribe cosas dignas de leerse, o haz cosas dignas de escribirse.

 

Benjamin Franklin