p***@mailfoo.de
2014-07-22 20:03:23 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ehlo,
first post here, so please bear with me :)
I am using extended filesystem ACLs (ext4) for creating a shared work
environment for several users (devs) and groups.
Using PHP 5.5.9+dfsg-1ubuntu4.3 I have realised the following issue:
Using fopen/fwrite/fclose the PHP interpreter does actually create a
file which inherits the default extended ACLs from the parent directory.
Using a simple PHP upload script I end up with files which do not get
any extended ACL at all, which for me looks wrong. :)
The issue is reproducable the same on apache/mod-php as well as
nginx/php-fpm.
My first (and only so far) lead here is that PHP seems to create the
uploaded files first in a temporary directory and then moves them into
the final place. As Linux "mv" command does not regard the target ACLs
just moves the source ACLs in, I have set "upload_tmp_dir" to a
directory where I have set the proper ACLs, tho still I end up with
uploaded files with *no* extended ACLs set.
I tried from a stackoverflow suggestion to "disable_functions = rename"
in hope that the interpreter now uses cp/link/unlink instead of mv. No
success.
Now I am totally out of ideas, why this is happening and how to have a
consistant behaviour between creating and uploading files. Especially I
am in need for a generic configurable solution, as I am looking forward
to host quite some php sites/CMSs (and am not willing/able to modify the
code for all those varying code bases, especially regarding updates etc :)
How to fix the - imho not quite correct - behaviour when uploading files
to a server using PHP?
kind regards,
phaidros
ps: I also found this, and have the feeling it might be related:
https://bugs.php.net/bug.php?id=65057&edit=1
So the source for trouble might be in move_uploaded_file() ?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQGcBAEBAgAGBQJTzsOJAAoJEJhnRHRRn9SyUPYL/RQ1wkyF4Keon/V8wYV8E0z/
0ZlybyZSsV6u3vmfVSD6C7aSYR6w6wy27XVcLvGOTCnkTBv/Byf05dgBw/GmeG6A
3TlsKLzGOs04+96Oec6QBk0YduFZxvihYoIPPGu5V7bh7M8upBQF7XrYPoaDHJk1
tgkZYzT1hsDHlOx+dJ4QxOKOdcoLgXsXC/005hyOrERrqAjc5W965aux3KSasGMr
myjZTZw8z5mSyOlUiEegDmR0D2C5XBkZIpOmSyEQkFIncse170DaBMfF/xu2tX6u
KAaaxApx0gjRkQ3FmoTSNkmn0m6lVZct+xGWV1Vo+c+lYy5JwjuUsZJ3JQaLUySl
5PXwBj3+lWfTTPwCjptZ/xXq9+lap2hiVDBLv0BUsQ9YWudcCMjxYrhQkPWfPUzb
hPKS5t2bAiyBR5YuX8MRKv7MF6z7aqL4WwW7Ruf1p1SMaf41pjQ1+CKK1ONffJCX
kcYoJUabnPhZhYrmMKatLoJ9DaEthnH/sFB5tTituw==
=oVq8
-----END PGP SIGNATURE-----
Hash: SHA1
Ehlo,
first post here, so please bear with me :)
I am using extended filesystem ACLs (ext4) for creating a shared work
environment for several users (devs) and groups.
Using PHP 5.5.9+dfsg-1ubuntu4.3 I have realised the following issue:
Using fopen/fwrite/fclose the PHP interpreter does actually create a
file which inherits the default extended ACLs from the parent directory.
Using a simple PHP upload script I end up with files which do not get
any extended ACL at all, which for me looks wrong. :)
The issue is reproducable the same on apache/mod-php as well as
nginx/php-fpm.
My first (and only so far) lead here is that PHP seems to create the
uploaded files first in a temporary directory and then moves them into
the final place. As Linux "mv" command does not regard the target ACLs
just moves the source ACLs in, I have set "upload_tmp_dir" to a
directory where I have set the proper ACLs, tho still I end up with
uploaded files with *no* extended ACLs set.
I tried from a stackoverflow suggestion to "disable_functions = rename"
in hope that the interpreter now uses cp/link/unlink instead of mv. No
success.
Now I am totally out of ideas, why this is happening and how to have a
consistant behaviour between creating and uploading files. Especially I
am in need for a generic configurable solution, as I am looking forward
to host quite some php sites/CMSs (and am not willing/able to modify the
code for all those varying code bases, especially regarding updates etc :)
How to fix the - imho not quite correct - behaviour when uploading files
to a server using PHP?
kind regards,
phaidros
ps: I also found this, and have the feeling it might be related:
https://bugs.php.net/bug.php?id=65057&edit=1
So the source for trouble might be in move_uploaded_file() ?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQGcBAEBAgAGBQJTzsOJAAoJEJhnRHRRn9SyUPYL/RQ1wkyF4Keon/V8wYV8E0z/
0ZlybyZSsV6u3vmfVSD6C7aSYR6w6wy27XVcLvGOTCnkTBv/Byf05dgBw/GmeG6A
3TlsKLzGOs04+96Oec6QBk0YduFZxvihYoIPPGu5V7bh7M8upBQF7XrYPoaDHJk1
tgkZYzT1hsDHlOx+dJ4QxOKOdcoLgXsXC/005hyOrERrqAjc5W965aux3KSasGMr
myjZTZw8z5mSyOlUiEegDmR0D2C5XBkZIpOmSyEQkFIncse170DaBMfF/xu2tX6u
KAaaxApx0gjRkQ3FmoTSNkmn0m6lVZct+xGWV1Vo+c+lYy5JwjuUsZJ3JQaLUySl
5PXwBj3+lWfTTPwCjptZ/xXq9+lap2hiVDBLv0BUsQ9YWudcCMjxYrhQkPWfPUzb
hPKS5t2bAiyBR5YuX8MRKv7MF6z7aqL4WwW7Ruf1p1SMaf41pjQ1+CKK1ONffJCX
kcYoJUabnPhZhYrmMKatLoJ9DaEthnH/sFB5tTituw==
=oVq8
-----END PGP SIGNATURE-----
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php