2

I have a script that resizes images and then save the new images.
I can't save the new image if the original image didn't have 777 permissions.

I know that 777 is risky, so when using different permissions such as 775 or 755 it does nothing.

  1. Why it does nothing?
  2. how to fix it?

EDIT:
I want to be able to save the files using my script no matter what the permission of the IMAGE is/was.

Ron
  • 3,677
  • 16
  • 69
  • 117

5 Answers5

8

It all because your server is badly configured, which means httpd runs as different user than owns all the files and this requires write permission set for others. The solution would be to fix the server configuration so these user ids match. But it's not trivial if you are not familiar with the server administration. Other (but this is not really a solution) would be to to put these two users into one group, so that way instead of giving everyone write access you "limit" it to your group only. But this is not a way to go though. Alternatively, if you are the only user on the server you may set httpd to run on your userid/groupid instead of its own. But, again, this should not be considered a "solution".

Marcin Orlowski
  • 67,279
  • 10
  • 112
  • 132
  • How can I change that setting, and how this setting called – Ron Apr 04 '13 at 14:34
  • There's no "option" you can change in 5 seconds. It's much more complicated and complex task. You may start reading about suPHP or suEXEC – Marcin Orlowski Apr 04 '13 at 14:37
  • I see. should I just stay with 777 permissions? I even dont know what its risks... I just know it is risky. – Ron Apr 04 '13 at 14:40
  • If you got other users on the server then, they potentially can write to your files too, i.e. planting their code without you even knowing that. It all depends on what you need that server for - just development machine, not exposed to the world? if so, stick to what you have. If it's public server then I am afraid it may be not configured too good in other aspects as well. And in such case I'd just consider buying some i.e. shared hosting for my project just to let other care about this. – Marcin Orlowski Apr 04 '13 at 14:43
  • It is a server hosted on 123-reg.co.uk. I am the only user for the FTP and the website is public ofc (company website). so I can stay with 777 permissions or not? – Ron Apr 04 '13 at 14:47
2

You can re-set the User and Group parameters in Apache config file to run it as another user.

MMag
  • 43
  • 4
1

1) You create a new folder with 777 permission.

2) save the image in that folder.

I dont think you would need 777 on the original image.

.

.

For the security, you need:

A) check extension of uploaded files and call the custom resize/image function. This will ensure the file is always converted into an image.

B) [.htaccess] (inside your user upload image directory) = 

#Disable directory indexes & folder listing

[deny any file other than image]
<Files ^(*.jpeg|*.jpg|*.png|*.gif)>
order deny,allow
deny from all
</Files>
Raheel Hasan
  • 5,044
  • 4
  • 33
  • 58
1

Your web server is running under a different user than user who owns the images. To find out under which user is your webserver running, create and run this php script

<?php
echo shell_exec('whoami');
?>
Cano64
  • 237
  • 1
  • 2
  • 8
0

You can try to chmod afterwards, but it's strongly dependent on the rights the php daemon has;

chmod("/somedir/somefile", 755);

With fileperms() you can get the current permissions of the created file(s).

  • Sad to hear. I hope WebnetMobile's solution will work out for you :) –  Apr 04 '13 at 14:43