what the heck does "permissions 33279" mean?

Re: what the heck does "permissio ns 33279" mean?

lkrubner@geocit ies.com wrote:[color=blue]
> ... It uses
> fileperms() to get the permissions of the file, and it includes that
> info in any error message...
> ... I'm being told that
> permissions are really 33279. What the heck does that mean?[/color]

33279 (decimal) = 100777 (octal)

I have no idea what that 1 is doing there.
Maybe you would be better off using one of the examples at



--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

Re: what the heck does &quot;permissio ns 33279&quot; mean?

>> ... It uses[color=blue][color=green]
>> fileperms() to get the permissions of the file, and it includes that
>> info in any error message...
>> ... I'm being told that
>> permissions are really 33279. What the heck does that mean?[/color]
>
>33279 (decimal) = 100777 (octal)
>
>I have no idea what that 1 is doing there.[/color]

The upper bits of the file permissions, which you cannot change
with chmod, typically indicate the type of the file (regular file,
directory, socket, symlink, named pipe, etc. ).

Gordon L. Burditt

Re: what the heck does &quot;permissio ns 33279&quot; mean?

How do I ask a RedHat Linux box what the hell its permissions mean? No
wait, maybe that is not the problem. Is fileperms ever wrong? My FTP
client says the permissions are simply 777. But PHP cannot change the
file.

Re: what the heck does &quot;permissio ns 33279&quot; mean?

lkrubner@geocit ies.com wrote:[color=blue]
> How do I ask a RedHat Linux box what the hell its permissions mean? No
> wait, maybe that is not the problem. Is fileperms ever wrong? My FTP
> client says the permissions are simply 777. But PHP cannot change the
> file.
>[/color]
You can't change it if you don't have permission to modify data held
about it in the directory. So, if that's set to 555 ( ignoring
ownerships for the sake of example ), then you can't change the file.

Steve

Re: what the heck does &quot;permissio ns 33279&quot; mean?

I'm not sure I understand you. The permissions seem to be set to 777.
Why would PHP lack, as you say, "permission to modify data held about
it in the directory". What kind of data are you referring to? Is there
another layer of permisions in Linux that has nothing to do with the
numbers?

Let me ask this question more generally. How do I troubleshoot this
problem? My PHP code is not being allowed to change a file. My FTP
client says permissions on the file (and also the directory that it is
in) is set to 777. How do I track down what the problem is? What
questions do I ask? My code has a fair amount of error checking, but
none of it quite reveals the problem. The permissions were, I thought,
set to 33279 which I thought was funny, but it now it seems, based on
what Graca and Burditt said, that that resolves itself to 777. So how
do I find out what the problem is?


<?php



function fileUpdate() {
// 12-08-04 - we want to make it easy for people to customize their
own installations of
// the software, so want to make it easy for them to edit those
arrangements that make up
// the control panel.
$controllerForA ll = & getController() ;
$resultsObject = & $controllerForA ll->getObject("McR esults", " in the
function fileUpdate().") ;

// 12-08-04 - since PHP will cache file info, we need to clear the
cache if we are doing multiple
// things which might cause a "true" result to become "false" or vice
versa.
clearstatcache( );

$formInputs = $GLOBALS["formInputs "];

if (is_array($form Inputs)) {
extract($formIn puts);

// 04-05-04 - we need to trim white space off the ends of these, and
neutralize any dangerous code
// that hackers have tried to slip in.
$fileName = trim($fileName) ;
$fileContent = trim($fileConte nt);
$fileNameOld = trim($fileNameO ld);
$fileContentOld = trim($fileConte ntOld);
$fileName = htmlspecialchar s($fileName);
$fileNameOld = htmlspecialchar s($fileNameOld) ;


// 04-05-04 - an easy hacker attack would be to overwrite much needed
files, outside the correct directory.
// Therefore we need to take control of what directory is being
written to.
$fileNameRecord = $fileName;
$len = strlen($fileNam e);
$char = "";
$count = 0;
// 12-08-04 - this next bit is too clever. Basically, we expect the
file name at this point to look
// like this:
//
// ppArrangementsA dmin/editweblogPages Form.php
//
// We want to strip off the "ppArrangements Admin/" part. So we walk
through till we get to
// the first "/". Then we take the rest of the filename and proceed.
If there is still a "/"
// in the filename after this, we can assume some hacker was trying
to make some kind of
// attack, and so we'll throw an error.
while ($count < $len && $char != "/") {
$char = substr($fileNam e, 0, 1);
$fileName = substr($fileNam e, 1);
$count++;
}
$location = strpos($fileNam e, "/");
if (is_numeric($lo cation)) {
$resultsObject->addToResults(" We were unable to update this file.
The file name is invalid. It should not contain more than one '/'
(forward slash). This is what we got: $fileNameRecord . Problem in
fileUpdate()", "fileUpdate ");
} else {
$config = getConfig();
$pathToNeededFi les = $config["pathToNeededFi les"];

$formData = $GLOBALS["formData"];
$fileType = $formData["fileType"];
if ($fileType == "public") {
$fileName = "ppArrangements Public/".$fileName ;
} else {
$fileName = "ppArrangements Admin/".$fileName ;
}

$fileName = $pathToNeededFi les.$fileName;
if (file_exists($f ileName)) {
$perm = fileperms($file Name);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = @ fopen($fileName Backup, "w+");

if ($fp) {
$fileContentOld = stripslashes($f ileContentOld);
$success = @ fwrite($fp, $fileContentOld );
$isClosed = @ fclose($fp);

if ($success) {
$resultsObject->addToResults(" We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = @fopen($fileNam e, "w+");
$fileContent = stripslashes($f ileContent);
$success2 = @fwrite($fp, $fileContent);
@fclose($fp);

if ($success2) {
$resultsObject->addToResults(" We successfully saved the
$fileName document.");
} else {
$fileContent = htmlspecialchar s($fileContent) ;
$resultsObject->addToResults(" In fileUpdate, something went
wrong and we were unable to save the document called ' $fileName '. The
file permissions were set to '$perm'. You'd written: $fileContent ");
}
} else {
$fileContent = stripslashes($f ileContent);
$fileContent = htmlspecialchar s($fileContent) ;
$resultsObject->addToResults(" In fileUpdate(), we tried to create
a back up of your file and give it the name $fileNameBackup , but we
failed. The file permissions were set to '$perm'. Because of the risk
of overwriting your only copy, we have not tried to update the file.
Here is what you'd written: $fileContent");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' so we could edit it, but we were not able to open it. It's
permissions were set to '$perm'", "fileUpdate ");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' but it does not exist.", "fileUpdate ");
}
}
} else {
$resultsObject->error("In fileUpdate, we assumed we were going to be
given a set of data called formInputs, but for some reason we got no
such thing.", "fileUpdate ");
}
}




?>

Re: what the heck does &quot;permissio ns 33279&quot; mean?

On 9 Dec 2004 11:26:43 -0800, lkrubner@geocit ies.com wrote:
[color=blue]
>I'm not sure I understand you. The permissions seem to be set to 777.
>Why would PHP lack, as you say, "permission to modify data held about
>it in the directory". What kind of data are you referring to? Is there
>another layer of permisions in Linux that has nothing to do with the
>numbers?[/color]

As posted by others, fileperms returns not only the file permissions, but also
the bits representing the type of the file. This is all bunched together within
the filesystem. To see permissions, you should only look at specific bits, and
convert to octal for the usual convention of 777 = wide open permissions.

The manual has an example function to convert fileperms bits into readable
form, and this also gives some idea how to isolate the permissions bits.


[color=blue]
>Let me ask this question more generally. How do I troubleshoot this
>problem? My PHP code is not being allowed to change a file. My FTP
>client says permissions on the file (and also the directory that it is
>in) is set to 777. How do I track down what the problem is? What
>questions do I ask? My code has a fair amount of error checking, but
>none of it quite reveals the problem. The permissions were, I thought,
>set to 33279 which I thought was funny, but it now it seems, based on
>what Graca and Burditt said, that that resolves itself to 777. So how
>do I find out what the problem is?[/color]
[color=blue]
> $fp = @ fopen($fileName Backup, "w+");[/color]

Wouldn't it be a good idea to remove the @ error-suppression operator? Since
you don't know why the open is failing, and you've only printed out a generic
message of your own invention in response, it would be valuable to see the
actual error message that PHP raises.

Disk full, quota exceeded, locked by another process (possibly depending on
filesystem there) are all potential reasons why a 777-permission file couldn't
be opened for writing.

--
Andy Hassall / <andy@andyh.co. uk> / <http://www.andyh.co.uk >
<http://www.andyhsoftwa re.co.uk/space> Space: disk usage analysis tool

Re: what the heck does &quot;permissio ns 33279&quot; mean?

--------------------------
Wouldn't it be a good idea to remove the @ error-suppression operator?
Since
you don't know why the open is failing, and you've only printed out a
generic
message of your own invention in response, it would be valuable to see
the
actual error message that PHP raises.
--------------------------

That is a good idea. I removed all the error suppressors and got this:

Warning: fopen("", "w+") - Success in
/home/httpd/vhosts/yoganinjaallian ce.org/httpdocs/ppExtras/fileUpdate.php
on line 71

I can not imagine what this means and I'm confused why the warning has
the word "Success" in it. I'm also uncertain why the fopen is showing
double double-quotes for the first parameter, as if no file name was
given to it. My code first checks that the file exists, so it's not
possible that I'm passing an empty string to fopen:


$fileName = $pathToNeededFi les.$fileName;
if (file_exists($f ileName)) {
$perm = fileperms($file Name);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileName Backup, "w+");

if ($fp) {
$fileContentOld = stripslashes($f ileContentOld);
$success = fwrite($fp, $fileContentOld );
$isClosed = fclose($fp);

if ($success) {
$resultsObject->addToResults(" We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = fopen($fileName , "w+");
$fileContent = stripslashes($f ileContent);
$success2 = fwrite($fp, $fileContent);
fclose($fp);

Re: what the heck does &quot;permissio ns 33279&quot; mean?

lkrubner@geocit ies.com wrote:[color=blue]
> Warning: fopen("", "w+") - Success in
> /home/httpd/vhosts/yoganinjaallian ce.org/httpdocs/ppExtras/fileUpdate.php
> on line 71[/color]

<snip>
[color=blue]
> $fileName = $pathToNeededFi les.$fileName;
> if (file_exists($f ileName)) {
> $perm = fileperms($file Name);
>
> $fileNameBackup = str_replace("/", "/backup_", $fileNameOld);[/color]
^^^^^^^^^^^^
Where did this variable come from?
[color=blue]
> $fp = fopen($fileName Backup, "w+");[/color]
<snip>

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

Re: what the heck does &quot;permissio ns 33279&quot; mean?

The variable you are pointing to is simply the old name of the file,
with "backup" appended. I make a backup to protect people from making a
stupid mistake.

I should add that we had a server on Interland and this code worked
without a hitch, on servers running Free BSD. We've recently switched
to a new server on Rackspace running RedHat Linux. I'm not sure, but
I'd guess that is when the problem started. But, as I say, my test file
and test folder have permissions set to 777, so it is hard to imagine
why the code isn't working.



<?php



function fileUpdate() {
// 12-08-04 - we want to make it easy for people to customize their
own installations of
// the software, so want to make it easy for them to edit those
arrangements that make up
// the control panel.
$controllerForA ll = & getController() ;
$resultsObject = & $controllerForA ll->getObject("McR esults", " in the
function fileUpdate().") ;

// 12-08-04 - since PHP will cache file info, we need to clear the
cache if we are doing multiple
// things which might cause a "true" result to become "false" or vice
versa.
clearstatcache( );

$formInputs = $GLOBALS["formInputs "];

if (is_array($form Inputs)) {
extract($formIn puts);

// 04-05-04 - we need to trim white space off the ends of these, and
neutralize any dangerous code
// that hackers have tried to slip in.
$fileName = trim($fileName) ;
$fileContent = trim($fileConte nt);
$fileNameOld = trim($fileNameO ld);
$fileContentOld = trim($fileConte ntOld);
$fileName = htmlspecialchar s($fileName);
$fileNameOld = htmlspecialchar s($fileNameOld) ;


// 04-05-04 - an easy hacker attack would be to overwrite much needed
files, outside the correct directory.
// Therefore we need to take control of what directory is being
written to.
$fileNameRecord = $fileName;
$len = strlen($fileNam e);
$char = "";
$count = 0;
// 12-08-04 - this next bit is too clever. Basically, we expect the
file name at this point to look
// like this:
//
// ppArrangementsA dmin/editweblogPages Form.php
//
// We want to strip off the "ppArrangements Admin/" part. So we walk
through till we get to
// the first "/". Then we take the rest of the filename and proceed.
If there is still a "/"
// in the filename after this, we can assume some hacker was trying
to make some kind of
// attack, and so we'll throw an error.
while ($count < $len && $char != "/") {
$char = substr($fileNam e, 0, 1);
$fileName = substr($fileNam e, 1);
$count++;
}
$location = strpos($fileNam e, "/");
if (is_numeric($lo cation)) {
$resultsObject->addToResults(" We were unable to update this file.
The file name is invalid. It should not contain more than one '/'
(forward slash). This is what we got: $fileNameRecord . Problem in
fileUpdate()", "fileUpdate ");
} else {
$config = getConfig();
$pathToNeededFi les = $config["pathToNeededFi les"];

$formData = $GLOBALS["formData"];
$fileType = $formData["fileType"];
if ($fileType == "public") {
$fileName = "ppArrangements Public/".$fileName ;
} else {
$fileName = "ppArrangements Admin/".$fileName ;
}

$fileName = $pathToNeededFi les.$fileName;
if (file_exists($f ileName)) {
$perm = fileperms($file Name);

$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileName Backup, "w+");

if ($fp) {
$fileContentOld = stripslashes($f ileContentOld);
$success = fwrite($fp, $fileContentOld );
$isClosed = fclose($fp);

if ($success) {
$resultsObject->addToResults(" We created a back up of your file
and gave it the name $fileNameBackup . If you need to restore the old
version, go back to that file.");

$fp = fopen($fileName , "w+");
$fileContent = stripslashes($f ileContent);
$success2 = fwrite($fp, $fileContent);
fclose($fp);

if ($success2) {
$resultsObject->addToResults(" We successfully saved the
$fileName document.");
} else {
$fileContent = htmlspecialchar s($fileContent) ;
$resultsObject->addToResults(" In fileUpdate, something went
wrong and we were unable to save the document called ' $fileName '. The
file permissions were set to '$perm'. You'd written: $fileContent ");
}
} else {
$fileContent = stripslashes($f ileContent);
$fileContent = htmlspecialchar s($fileContent) ;
$resultsObject->addToResults(" In fileUpdate(), we tried to create
a back up of your file and give it the name $fileNameBackup , but we
failed. The file permissions were set to '$perm'. Because of the risk
of overwriting your only copy, we have not tried to update the file.
Here is what you'd written: $fileContent");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' so we could edit it, but we were not able to open it. It's
permissions were set to '$perm'", "fileUpdate ");
}
} else {
$resultsObject->error("In fileUpdate(), we wanted to open the file
'$fileName' but it does not exist.", "fileUpdate ");
}
}
} else {
$resultsObject->error("In fileUpdate, we assumed we were going to be
given a set of data called formInputs, but for some reason we got no
such thing.", "fileUpdate ");
}
}




?>

Re: what the heck does &quot;permissio ns 33279&quot; mean?

lkrubner@geocit ies.com wrote:[color=blue]
> I should add that we had a server on Interland and this code worked
> without a hitch, on servers running Free BSD. We've recently switched
> to a new server on Rackspace running RedHat Linux. I'm not sure, but
> I'd guess that is when the problem started. But, as I say, my test file
> and test folder have permissions set to 777, so it is hard to imagine
> why the code isn't working.[/color]
<snip>

Safe mode, perhaps?
or open_basedir?



--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!

Re: what the heck does &quot;permissio ns 33279&quot; mean?

Good thoughts, but when I run phpinfo(), it looks like safe mode is
off. I beneath the basedir, so I'm not sure how that could forbid
operations. A sample of the phpinfo output :



highlight.strin g
#CC0000 #CC0000
html_errors
On On
ignore_user_abo rt
Off Off
implicit_flush
Off Off
include_path
..:/usr/share/pear .:/usr/share/pear
log_errors
Off Off
magic_quotes_gp c
On On
magic_quotes_ru ntime
Off Off
magic_quotes_sy base
Off Off
max_execution_t ime
30 30
open_basedir
/home/httpd/vhosts/publicdomainsof tware.org/httpdocs:/tmp no value
output_bufferin g
no value no value
output_handler
no value no value
post_max_size
8M 8M
precision
14 14
register_argc_a rgv
On On
register_global s
On On
safe_mode
Off Off
safe_mode_exec_ dir
no value no value
safe_mode_gid
Off Off
safe_mode_inclu de_dir
no value no value
sendmail_from
me@localhost.co m me@localhost.co m
sendmail_path
/usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i

Re: what the heck does &quot;permissio ns 33279&quot; mean?

Anyone have any ideas about why I can't rewrite this file? File
permissions are 777, apparently, and the same is true of the folder.
safe_mode seems to be off, judging from the output of phpinfo(). I'm
inside of the basedir limits. What else could be the problem?

Re: what the heck does &quot;permissio ns 33279&quot; mean?

On 9 Dec 2004 21:15:59 -0800, lkrubner@geocit ies.com wrote:
[color=blue]
>That is a good idea. I removed all the error suppressors and got this:
>
>Warning: fopen("", "w+") - Success in
>/home/httpd/vhosts/yoganinjaallian ce.org/httpdocs/ppExtras/fileUpdate.php
>on line 71
>
>I can not imagine what this means and I'm confused why the warning has
>the word "Success" in it. I'm also uncertain why the fopen is showing
>double double-quotes for the first parameter, as if no file name was
>given to it.[/color]

Print the parameter given to the function to prove this.
[color=blue]
>My code first checks that the file exists, so it's not
>possible that I'm passing an empty string to fopen:
>
>$fileName = $pathToNeededFi les.$fileName;
>if (file_exists($f ileName)) {
>$perm = fileperms($file Name);
>
>$fileNameBacku p = str_replace("/", "/backup_", $fileNameOld);[/color]

Given that the variable you use in file_exists is not the one that you use in
the fopen call, it does not necessarily follow that "My code first checks that
the file exists" implies that "it's not possible that I'm passing an empty
string to fopen".

Your code has not checked the contents of $fileNameOld anywhere. It could well
be empty. The only occurrences of writes to $fileNameOld are:

$fileNameOld = trim($fileNameO ld);
$fileNameOld = htmlspecialchar s($fileNameOld) ;

$filenameOld apparently comes in from external input (via
extract($formIn puts)). You've not posted what $formInputs contains.
[color=blue]
>$fp = fopen($fileName Backup, "w+");[/color]

Put "print $fileNameBackup ;" on a line before this. Assuming this is line 71.
Also print out $fileNameOld. If in doubt, print everything so you can prove
what the values are rather than just asserting that a condition is not
possible.

--
Andy Hassall / <andy@andyh.co. uk> / <http://www.andyh.co.uk >
<http://www.andyhsoftwa re.co.uk/space> Space: disk usage analysis tool

Re: what the heck does &quot;permissio ns 33279&quot; mean?

-------------------
Your code has not checked the contents of $fileNameOld anywhere. It
could well
be empty.
-------------------

Hot tip! I added a check for $fileNameOld and isolated the error,
nothing else, and suddenly the function worked:

$fileName = $pathToNeededFi les.$fileName;
if (file_exists($f ileName)) {
$perm = fileperms($file Name);

if (!file_exists($ fileNameOld)) {
$resultsObject->error("In fileUpdate() we went looking for a file
with the old name of '$fileNameOld' but no such file existed.",
"fileUpdate ");
}
$fileNameBackup = str_replace("/", "/backup_", $fileNameOld);
$fp = fopen($fileName Backup, "w+");

if ($fp) {
$fileContentOld = stripslashes($f ileContentOld);
$success = fwrite($fp, $fileContentOld );
$isClosed = fclose($fp);



Yet I can't imagine why this function worked on the old server, but not
on the new one.