Reputation: 12947
Files writable by PHP even though CHMOD is 555?
I've got a new server and when using my php script, I'm able to write files and detect them as being writable even though CHMOD has them as 555 or 755. Is there an apache module or php.ini that is making this possible? Is this a security problem?
Upvotes: 0
Views: 1151
Answers (2)
Reputation: 396
What filesystem is your server/volume using?
Some filesystems use different permission schemes, like Access Control Lists in addition to or instead of Unix permissions. For example, you might be using AFS or OpenAFS (Andrew File System) which uses ACL's, in which case you'd have to enter a completely different command to change access. Ask your network administrator; they should be able to answer that. Or you can try running
df -T
to see what that gives you.
Upvotes: 2
Reputation: 9567
You might want to read up on file permissions here:
http://www.zzee.com/solutions/unix-permissions.shtml
That should give you a clue about whats going on.
It doesn't have to be a security hole, file permissions are server side, but if people can upload files they can theoretically, potentially inflict harm by somehow getting their own code running on your server....
Upvotes: 1
Related Questions
- php can't open or write file despite 777 permisions
- Php - Chmod Not Working
- Apache still serving PHP file with incorrect permissions
- PHP - chmod won't work properly
- php chmod() not changing permissions
- File not writeable even though permissions are 777
- Uploaded php file gets permission 600 (can't execute)
- PHP fails to chmod?
- Why can't my PHP script chmod a file it creates?
- PHP File Permissions... getting it "write"?