is setting custom tmp directory possible in php!

AL-Kateb

Hello everyone!
i want to ask if it is possible in anyway to set custom temp directory for each account!
the php is running in safe mode and the php's temp dir is the system's default temp dir but! i want to change this settings so the each account has its own temp dir - /home/UserAccount/tmp/ - (for files upload etc) is this possible? what do i need to change in php.ini for this to work (i don't mean to point to one directory as temp instead of the system's temp directory but i want each account to have its own temp directory)?

thanks in advance

NogDog

The upload_tmp_dir setting can only be set at the system level (e.g. php.ini). This in no way prevents you from moving the uploaded files to user-specific directories (via [man]move_uploaded_file/man and a little coding logic).

Weedpacket

Is there a specific reason why you want to separate temp directories like this? There's no risk of uploaded files overwriting each other in the common temp directory because they're given unique names (hence $_FILES['field']['tmp_name']); also, they're deleted as soon as the processing script terminates - so if you want to keep them beyond that then you'll need to move them somewhere else anyway.

AL-Kateb

i don't know but i thought it does not look too good that all uploaded are being placed in this directory since every single account on the server (shared hosting) can have access to this folder!
so if someone is uploading a file other accounts will have access to this file am i wrong?.

johanafm

Sort of. Since the folder (typically) won't be accessible directly through your web server, but only through your php scripts, there's little to worry about. Moreover, the filenames are generated randomly, so even if that directory was accessible from the outside, they'd have to brute force the filenames. And since the tmp files only exist for a limited time, people would have little time to brute force a filename.
So as long as your php script doesn't do weird stuff like go through all files in the tmp directory, but rather use the 'tmp_name' array element, you will only access whatever file(s) this user uploaded.

NogDog

I suppose if you are handling highly sensitive data on a shared host, it could conceivably be an issue, as another account on that shared host might run a script that continually scans the tmp directory and copies files from it. However, if you are truly handling sensitive data, you probably should not be on a shared server in the first place.

AL-Kateb

Thanks guys for your replies
i actually am not talking about a specific situation here the question was general
and i am not why would someone brute-force the tmp file names if he can use php to get folder contents?

I'm not sure cos i have not tested it yet but i will do so and come back and post the results here

and whether the data is sensitive or not the other guys on the same shared hosting should not be able to read my files that are being placed in the temp (say it's personal photos 😛 ^_⁾

i dont know i am having the thought that no one could read someone else's files in the temp : ) sure the OS must have done something to prevent this

i will test and see

AL-Kateb

sorry guys it was all misunderstanding i did not know about this special permissions (sticky bit) a friend of mine has just told me about it
no one has permissions on someone else's files as long as the folder has this sticky bit flag
my fault : )

The most common use of the sticky bit today is on directories. When the sticky bit is set, only the item's owner, the directory's owner, or the superuser can rename or delete files. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of owner. Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files. This feature was introduced in 4.3BSD in 1986 and today it is found in most modern Unix systems.

bradgrafelman

While that's true, uploaded files will most likely be "owned" by the user that the web server is running as, and since everyone on the server can use the webserver account (in the form of PHP scripts), it doesn't make much difference whether the "sticky bit" is set or not.

Basically, to sum up this thread: If you have a need for security, you shouldn't be on a shared host at all. Period. If you are on a shared host and wish to change the uploaded files folder, you can do so by supplying your own php.ini or, if PHP is loaded as an ISAPI module in Apache, use the php_value directive in a .htaccess file.