Securing upload directories

dcjones

Hi all,

I am working on some scripts that allow the upload of images to directories that at the moment are CHMOD 0777.

Some how I don't think this is secure. Is there a way I can change the directories permission to from 0755 to 0777, upload the image and then reverse the permissions back to 0755.

This is what I am working with:


$_SESSION['qr_path'] = "../flightboards/ts/".$member_name."/qr_images/";
$temp = $_SESSION['qr_path']; 

chmod($_SESSION['qr_path'], "0777");

$qr_var_text = $_POST['qr_text'];
$upload = $_POST['upload'];

$qr->text(" $qr_var_text ");  

$qr->draw(150, "$temp/$upload.png");

chmod($_SESSION['qr_path'], "0755");

Can anyone please advise.

bradgrafelman

For one, [man]chmod/man expects an integer (usually an octal value) to be passed as the second parameter, not a string.

Second, have you verified that chmod()'s return value indicates that the change was successful? Do you have error_reporting set to E_ALL and either display_errors (development environment) or log_errors (production environment) set to On?

Finally, note that the user who invoked the PHP parser must either a) be a superuser (not likely, and definitely far from good if it is), or b) own the directory in question. Also note that if the latter is the case, and if you are on a shared server that doesn't use open_basedir restrictions, then nothing would prevent anyone else on that shared server from simply re-chmod'ing your directory back to 0777.

In other words, if you're worried about security in any way, you'd better not be on a shared host. 😉

dcjones

Hi Brad and many thanks for your reply.

The server is dedicated not shared.

Well spotted on the second parameter, stupid mistake on my part.

I have changed the reporting to display all error, and there are many as you would expect.

The script does not have permission to write to the directory concerned.

Is there a safe way do do this?

bradgrafelman

dcjones;10989510 wrote:
Well spotted on the second parameter, stupid mistake on my part.

The only stupid mistake is one from which you don't learn... at least that's what I like to tell myself when I make stupid mistakes. :quiet:

dcjones;10989510 wrote:
I have changed the reporting to display all error, and there are many as you would expect.

While I might have expected the errors, that still doesn't make me psychic. 😉 What are the actual error messages?

dcjones;10989510 wrote:
The script does not have permission to write to the directory concerned.

Like I said above, the write permission has no effect on whether or not you can chmod a file or directory. You actually have to be the owner of a file/directory to chmod it.

dcjones;10989510 wrote:
Is there a safe way do do this?

One way might be to configure the user account that Apache runs under to be in a group of which you are also a member. That way you can simply leave the directory at 0775 permissions (or perhaps even 1775, e.g. drwxrwxr-t).