httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Johnson <...@indietorrent.org>
Subject Re: [users@httpd] mod_fcgid upload permission changes.
Date Tue, 11 Dec 2012 18:11:58 GMT


On 12/11/2012 1:01 PM, Toni Moreno wrote:
> I would be happy to know  another way to upload files for any users on
> the system through HTTPS.
> 
> But the question is why mod_fcgid changes apache umask ? is the correct
> way to proceed , a undefined configuration , or a bug?
> 
> El 11/12/2012 18:12, "Eric Covener" <covener@gmail.com
> <mailto:covener@gmail.com>> escribió:
> 
> 
> 
> 
>     On Tue, Dec 11, 2012 at 10:30 AM, Toni Moreno <toni.moreno@gmail.com
>     <mailto:toni.moreno@gmail.com>> wrote:
> 
>         Yes !!! I do!!!
> 
>         The php-cgi executes a php command who does the following.
> 
>         - changes EUID for the process to a user who belongs to
>         "itsatadm" group  ( it works fine!)
>         - reads uploaded file in /tmp/ and stores it to the $HOME of
>         this user.
> 
> 
>     Isn't that the wrong way to read a request body in fastcgi?
> 

When you say, "But when doing an "upload" ( from any browser)  the
mod_fcgid creates a tmp file with 600 permissions !!", by what means are
you uploading the file? With PHP?

If so, are you calling PHP's chmod() function, e.g.,
chmod('/tmp/file.ext', octdec('0644')) on the temporary file once you've
confirmed that is has been uploaded to PHP's temporary directory
successfully?

-Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message