Re: File permissions for a wiki-like site
- From: Jerry Stuckle <jstucklex@xxxxxxxxxxxxx>
- Date: Wed, 19 Sep 2007 14:50:16 -0400
Gordon Burditt wrote:
I'm writing a site where a handful of people will be able to edit
the content using PHP scripts (FCKeditor). The content is stored as
individual files in a directory. I'd like to validate the "editors"
using PHP, cookies, etc.
The question is what file permissions I need to allow for the
content to be writable by my PHP script. Do I really need to give
write permissions to the "other" group? Are all wikis really that
vulnerable? (yes, I know that's the point, but for restricted wikis,
for instance...)
Thanks,
Adam

The only one doing the writing will be the Apache user itself. The
system doesn't know or care who is using the editor - that's completely
between Apache and the user.
And beware that unless you implement your own security, any of those
people will be able to edit any of the files.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@xxxxxxxxxxxxx
==================

Thanks for your reply. I am quite ignorant here, so I will see whether
I can even ask a coherent follow-up. So the PHP script is run by the
Apache user. Is that the user that owns Apache, or a special username?

Often it's both.
In a typical PHP application, there are 3 different types of users:
OS users, stored in /etc/passwd.
Database users, perhaps stored in the mysql.user table. Usually a web
application "owns" a database user and uses it on its own behalf,
rather than handing out database users to people who register.
Web users, perhaps stored in some other database table, a text file,
or hardcoded somewhere. The web user is used for things like
identifying posts, and determining who gets to access what private
information.
When a user registers for your web application, you typically give them
a web user and NOT an OS user.
Files are owned by OS users. Anything Apache and PHP can write on
can be written on regardless of the Web user. If you have rules
about what Web user can write on what other Web user's stuff, you
have to write code to enforce it. Web users normally don't have
corresponding OS users.
If you are on a shared host, you may be able to FTP content in using
YOUR OS user but PHP runs as Apache's OS user. The only way to let
both write in the same place is to use mode 777 on directories (unless
they are in a common group, which they usually aren't).
A smart host will make users members of the group owned by the Apache server. Then you can use 660 (or 770 if it's executable) and be accessible by the owner and the web server, but not by other users.
It would seem, then, that I would want to give rwx permissions for the
content files to that user alone (and myself), not do a chmod 777. Is
that right?
Standard UNIX file permissions don't allow a file to have two owners.
You don't normally want to give x permission to any *file* that a
web application can write on (as distinguished from *directory*,
which needs x permission). x permission is for executables and
shell scripts.
So why not just throw the door wide open to any hacker who could upload to that file and run whatever scripts he wants? :-)
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================
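
Added example, not part of the thread: shell functions that audit a content directory for the problems raised above (world-writable entries from mode 777, execute bits on writable files) and apply the owner-plus-group scheme of 770 for directories and 660 for files. The function names and the optional web-server group argument are assumptions; the group name depends on the host.

```shell
#!/bin/sh
# Added example: audit and tighten a web-writable content directory.
# Function names and the optional group argument are hypothetical; the
# web server's group name varies by host and is not given in the thread.

# List entries that any account on the host can write to (the "other"
# write bit, as set by mode 777 or 666). Symlinks are skipped because
# their own mode bits are not meaningful.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# List regular files carrying any execute bit. Content written by the
# web application never needs x; only directories do.
executable_files() {
    find "$1" -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) -print
}

# Apply the owner+group scheme: directories 770, files 660, nothing for
# "other". If a group is given, hand the tree to it first (the caller
# must be root or a member of that group).
tighten() {
    dir=$1
    group=${2:-}
    if [ -n "$group" ]; then
        chgrp -hR "$group" "$dir" || return 1
    fi
    find "$dir" -type d -exec chmod 770 {} + &&
    find "$dir" -type f -exec chmod 660 {} +
}

# Succeeds only when the tree has no world-writable entry and no
# executable regular file.
is_tight() {
    [ -z "$(world_writable "$1")" ] && [ -z "$(executable_files "$1")" ]
}
```

This only controls which OS users can write; which web user may edit which file still has to be enforced in the PHP code, as the thread points out.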