File Permissions and CHMOD: How to set 777 in PHP upon file creation?
PHP has a built in function called bool chmod(string $filename, int $mode )
http://php.net/function.chmod
private function writeFileContent($file, $content){
$fp = fopen($file, 'w');
fwrite($fp, $content);
fclose($fp);
chmod($file, 0777); //changed to add the zero
return true;
}
chmod 777 in php
bool chmod ( string $filename , int $mode )
Within PHP they might be some limitations on the security, therefore the depending on your configuration it may not work.
The above function returns a booleon to let you know either it has succeed in changing the entities permissions.
if(!chmod($directory,0777))
{
echo "Unable to chmod $direcotry";
}
Also a quote from PHP:
The current user is the user under which PHP runs. It is probably not the same user you use for normal shell or FTP access. The mode can be changed only by user who owns the file on most systems.
Understanding above you should look at chown
Give 777 permission to dynamically created file in php
Use the function chmod
chmod
$fp = fopen($file, 'w');
fwrite($fp, $content);
fclose($fp);
chmod($file, 0777);
PHP: Is permission 777 a security issue?
I believe that you need to set permission 0777 because php needs the ability to write files, because php runs its own process often under its own user it will not be able to write files. Permission 0777 just means that you wish to allow all processes the ability to read write and execute files whereas 0755 only allows owner to read write and execute files but other users such as php to only read and execute.
Now about security:
Because the only real change here is granting php write permission. Now this by itself is not a security problem, as long as you are sanitizing the files you allow to be uploaded. But it does technically open you up to more atteck vectors such as malicious file upload there really is no other way for you to allow file uploads to occur, it is all up to how you processes your files such as blacklisting certain extensions and ensuring file size limits to keep your server secure.
On a side note:
You may also want to drop the execute permission on that folder asking as you do not store any of the php files that you are running in the same directory that you wish to upload files to, which you shouldn't be. Your file upload directory should only have read and write permissions and does not need execute permissions by running the command below
chmod go+rw file
Which is the equivalent to:
chmod -R 0666 /Mohammad/is/cool
Which will make a file readable and writable by the group and others. You can read more about that here and here
Change folder permission to 777 using PHP temporarily
PHP provides a function, chmod()
for the task.
Attempts to change the mode of the specified file to that given in mode.
You can put it in an if
statement, and if it returns false, you can skip the upload file part.
The usage will be like
if( chmod($path, 0777) ) {
// more code
chmod($path, 0755);
}
else
echo "Couldn't do it.";
As described in the chmod function manual, the $mode
must be in octal format - with leading zero, i.e chmod($path, 0777)
Can people write a .php file to my chmod 777 folder
Chances are very good that any legitimate user of that machine can write .php
files, or anything else they want, to that wide-open directory. A 777
directory has almost no place on a shared host. (/tmp
may sometimes be 1777
, to set the sticky bit on the directory -- that allows only a file owner to delete a file in the directory. Normally, 777
means anyone can delete any file from the directory. But /tmp
has definitely fallen out of favor on shared hosting environments because it is inherently unsafe.)
So: Are you the only user on the machine? Or is this machine shared with anyone else? Does this machine run any other services besides web server? If so, those other services might represent a possible attack vector as well.
Furthermore, if your permissions are set to 777
on your directory I wonder just how safe the PHP files you're running are -- I've seen many cases of people running insecure PHP scripts that allow an attacker to modify every HTML file on the entire web server, to infect people browsing the site. (Yes. Many. More than a handful by a lot.)
This is why whichever user account your web server runs as should not own any of the files of the website -- both static pages and dynamic pages. The web server should have only enough write privileges to write its access.log
, error.log
, and talk with a database server. Any additional privileges beyond this makes it far to easy for an otherwise benign bug in one of your scripts to become an exploitable vulnerability that allows your site to be used for attacking others.
777
is a bad idea. Fix that. Make sure your web server does not have write permission to any of the web content. Make sure no other service on the server has write permission to your web content. Make sure no other users on the server have write permission to your web content.
Update
This is easier than it sounds. Create a new webcontent
user. If your web server already has a group of its own, lets use it and call it webgroup
. If it doesn't yet, create a new webgroup
as well. (adduser(8)
and addgroup(8)
if your VPS doesn't have its own mechanism.) Then set the owner for all your web content:
chown -R webcontent:webgroup /path/to/web/content
fix permissions:
find /path/to/web/content -type d -print0 | xargs -0 chmod 750
find /path/to/web/content -type f -print0 | xargs -0 chmod 640
then make sure your web server is using the Group webgroup
directive to ensure that it can still read all the files it needs.
This will let your web server have read access to all your scripts and configuration, but if the web server itself is hacked, it can't modify any of it.
How to set 777 permission on a particular folder?
777
is a permission in Unix based system with full read/write/execute permission to owner, group and everyone.. in general we give this permission to assets which are not much needed to be hidden from public on a web server, for example images..
You said I am using windows 7.
if that means that your web server is Windows based then you should login to that and right click the folder and set permissions to everyone
and if you are on a windows client and server is unix/linux based then use some ftp software and in the parent directory right click and change the permission for the folder.
If you want permission to be set on sub-directories
too then usually their is option to set permission recursively use that.
And, if you feel like doing it from command line the use putty and login to server and go to the parent directory includes
and write the following command
chmod 0777 module_installation/
for recursive
chmod -R 0777 module_installation/
Hope this will help you
Php - Chmod Not Working
The problem has to do with data conversion.
$chmod = "0777";
chmod($filename, octdec($chmod));
By just passing in the $chmod string it get converted 777 witch is not giving you want. octdec("0777") will output 511 that decimal will give chmod the value you want.
Related Topics
How to Get Output of Proc_Open()
Best Way to Get Files from a Dir Filtered by Certain Extension in PHP
Bcrypt and Randomly Generated Salts
What Does "Zend_Mm_Heap Corrupted" Mean
How to Limit File Upload Type File Size in PHP
Convert All Types of Smart Quotes with PHP
Allow Re-Sending New Order Notification in Woocommerce 5+
How to Validate a Credit Card in PHP
Get Variable from PHP to JavaScript
Package 'Php5-Gd' Has No Installation Candidate
PHP Session Side-Effect Warning with Global Variables as a Source of Data
Binding Parameters for Where in Clause with Pdo
Generate Random 5 Characters String
Geo-Search (Distance) in PHP/MySQL (Performance)
Convert Utc Offset to Timezone or Date
PHP Move_Uploaded_File() Error
Could Not Instantiate Mail Function. Why This Error Occurring