Board index   FAQ   Search  
Register  Login
Board index PHP PHP General

Warnings when creating new files and subdirectories

General discussions related to php

Moderators: macek, egami, gesf

Warnings when creating new files and subdirectories

Postby eyewoo » Tue Jun 03, 2003 5:23 am

I'm developing a web application and have it with some beta testers. Some are reporting that their servers have PHP 4 or better installed, but the program does not work because they receive lots of warning messages. The warnings are all related to the fact that, though PHP is active on the server, permissions have not been set to allow creating files or subdirectories.

This is my first PHP project - question: any idea - roughly - what percent of commercial hosts make PHP available on their clients' accounts, but turn off file creation for security reasons?

It doesn't make sense to me, since I would figure that most PHP applications would need to create files for one reason or another..... :?:
eyewoo
New php-forum User
New php-forum User
 
Posts: 71
Joined: Sun Mar 09, 2003 10:29 am
Location: Pennsylvania, USA

Postby bezmond » Tue Jun 03, 2003 8:04 am

Hey,
my host (http://www.webgroup.co.uk) allows for PHP file creation, however I can't create folders.

Andrew
User avatar
bezmond
Moderator
Moderator
 
Posts: 312
Joined: Sat Apr 05, 2003 4:33 am
Location: Mansfield, UK

Postby eyewoo » Tue Jun 03, 2003 9:01 am

My host, http://www.webaxxs.com , allows creation of files and folders. That's the system I developed the application on.... and now I'm beginning to discover that not all PHP installations are the same...

This is a problem, since the application needs to create files and subdirectories and rename files and subdirectries... It all works well on my development server... :?:
eyewoo
New php-forum User
New php-forum User
 
Posts: 71
Joined: Sun Mar 09, 2003 10:29 am
Location: Pennsylvania, USA

Postby mike » Wed Jun 04, 2003 9:59 am

On my servers I permit file/directory creation but only within /home and /tmp. I think this is the best solution for securing your server files and allow users make their own ones. Most hosts are using the safe_mode switch that makes PHP very strict but its the easiest solution for administrator that dont know or dont care about custom installations.
User avatar
mike
New php-forum User
New php-forum User
 
Posts: 73
Joined: Sun May 04, 2003 4:26 am
Location: Athens

Postby eyewoo » Wed Jun 04, 2003 10:59 am

I presume /home would be a particlar user's home or root directory. Wouldn't it be possible to also allow creation of subdirectories and files below the /home directory?... and still maintain security?

The program I'm working on must be able to create subdirectories in a user's account.
eyewoo
New php-forum User
New php-forum User
 
Posts: 71
Joined: Sun Mar 09, 2003 10:29 am
Location: Pennsylvania, USA

Postby mike » Wed Jun 04, 2003 4:40 pm

Putting some restrictions on system files improve very much the security of the server. /home is the main directory tree for all users. Dont forget that PHP cannot read files on diffent directories on other users but can read any file on /etc ... /usr and other core system dirs.

The program I'm working on must be able to create subdirectories in a user's account.


Its possible with this option.
User avatar
mike
New php-forum User
New php-forum User
 
Posts: 73
Joined: Sun May 04, 2003 4:26 am
Location: Athens


Return to PHP General

Who is online

Users browsing this forum: Google [Bot] and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.