uploading to /home/*/public_html on a linux box

Perhaps this is an apache server question, rather than a php
question. But I want to use a simple php upload script in
a user-home-sub-document-root dir on a standard linux box.
>
If php is a mod.so it is the apache process that does the
uploading, so it cannot upload into a directory that belongs
to "username" unless the file permissions are 777,
or perhaps......so me way to use group permissions that
allows the apache process to write to a directory whose
group bit is readable and writable.
>
I tried creating a new group definition in /etc/group
and then made the apache pseudo user a member, as well
as a test user, and then set the directory permission
on that user's public_html directory to 775
>
But the upload process still throws an error message.
There must be a way to do this, without setting the dir
permission to 777
>
>
Is running php as a cgi and then wading through all the
suexec pitfalls the only alternative to 777 permissions?
>
>

>
Is running php as a cgi and then wading through all the
suexec pitfalls the only alternative to 777 permissions?

On 1 May, 22:06, salmobytes <by...@salmo.ne twrote:>
No you could upload to a staging area then use a seperated privilege
program (setuid, sudo, cron job) to publish the files.
>

>
<?php
if($_SESSION['loggedin']) ///use some sort of a password mechanism
system("/home/username/public_html/mycp " . $_GET['wfile'] . " " .
dirname($_SERVE R['SCRIPT_FILENAM E'])."/" . " dbg");
?>
>
====== mycp.c =======
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
>
void useage()
{
printf ("use: mycp sourcefile outputfile\n");
exit(0);
}
>
int main (int argc, char *argv[])
{
unsigned ch;
FILE *in_fp, *out_fp;
>
if(argc < 3)
useage();
>
char src[120];
char dest[120];
sprintf (src, "/tmp/%s", argv[1]);
sprintf (dest, "%s%s", argv[2], argv[1]);
>
printf("src: %s<br>\n", src);
printf("dest: %s<br>\n", dest);
>
if((in_fp = (FILE*) fopen(src,"r")) == NULL)
{
printf("Couldn' t open %s for reading\n", src);
exit(0);
}
>
if((out_fp = (FILE*) fopen(dest,"w") ) == NULL)
{
printf("Couldn' t open %s for writing\n", dest);
exit(0);
}
>
int lcnt=0;
while((ch = (int) fgetc(in_fp)) != EOF)
{
fputc(ch, out_fp);
}
>
fclose(in_fp);
fclose(out_fp);
}
>
==== bash ====
make mycp ## make while logged in as username
chmod a+s mycp
>

>
How is this going to do anything to help him? And what does this have
to do with PHP?

>
mycp runs setuid to the owner of the local /home/username/public_html
directory. mycp is installed inside that public_html.
>

>
A *PHP* upload script deposits the uploaded file in /tmp/

The *PHP* at the top of the previous post invokes `mycp` with a system
call,
which copies the recently uploaded file in /tmp/ to the local_public
html.....so the copied file belongs to the local owner (as specified)
and so public_html DOES NOT REQUIRE 777 permissions, as originally
specified. That was the requirement, no?
>

>
>

No, move uploaded file means the file will belong
to the apache pseudo user. So the local directory
has to be set to 777 to allow that. This is the problem
the original question wanted to overcome.
>

The c-code above can be set to run setuid to the local
user, so the file belongs to the owner. That may
not be the only possible solution, but it is a solution.
>

Hey, just curious. Do you still think the current
state of the economy can be attributed to Bush's
tax cuts and other policies? As you did a half
a year ago? ......just wondering.
>

....the whileone c-code works for me.
I'm not on a shared host. With that code
I get a file uploaded and copied to /home/username/public_html
that belongs to username. That's what I wanted.
>