Re: Dynamic Images and File Permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Adam Hubscher wrote:

I have a script that generates, creates, and updates dynamic banner
images for users of a service.

Recently I have run into a problem with file permissions... that has
thoroughly annoyed me. I found a solution to fix the problem, however,
it was then hit with another problem, and I'm not sure how secure I find
my solution to be.

During the image creation process, the files are given the normal image
permission of 644 (rw-r--r--). Of course, this makes updating impossible.
How are those permissions getting set? What program is creating the image files? I would think that if PHP is generating the images, then PHP would be the owner? So PHP should be able to overwrite/delete those files. 


I attempted to use a simple chmod();, however, the script didnt have the
permissions to do this. I couldnt figure out a way to fix this, so I
moved on to looking for other solutions.

I ended up with somethign that worked, slightly, but did not provide me
with an actual fix due to another problem. I would connect to the folder
via local FTP, then using ftp_site run a direct CHMOD on the files.

However, in doing this, I feel that the script itself is insecure. Also,
it didnt work in the end. After running the update script, to test out
my new solution, I was confronted with a new problem that I didnt
understand.

The FTP command returned "Bad File Descriptor" after executing the
CHMOD. After attempting in a few other of my own FTP clients, I ran into
-exactly- the same problem.
Is this a windows server? All of the ftp clients I've used that have a CHMOD feature only work on *nix servers. As far as I know windows doesn't have a CHMOD. 


My questions are this:

A) Is there any way to set the permissions on the file on creation of
the image?
If PHP is doing the image creation you can use the chmod() function to change the permissions. I think it will even try to do a resonable attempt on windows machines too. I'm doing this on the images that I create on a *nix server. 


B) If no, is there a way I can do the CHMOD, even though chmod();
returned insufficient permissions to do so?
C) If no, is there a way I can fix the bad file descriptor, to fix the
ftp solution I have?

Any other solutions would be able as well, given that they're somewhat
secure.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux