Reputation: 1035
I am developing a feature for my social networking website that allows users to upload pictures (and later videos), which other people can then view. The code currently copies the uploaded image from the temp upload directory into a /media/ directory directly under the web server document root, generating a name for it (we don't use the original filename). The image is also stored in mongo gridfs. When a request comes in for an image file, I use htaccess to see if the file exists - if it doesn't, then the URL is rewritten to a PHP program that retrieves the image from mongo, writes it to its filename under /media/ and redirects.
My question is about security and the relevant directory permissions on the /media directory. The permissions on the /media/ directory are such that it has to be writeable by www-data. Is there a way to achieve the same effect as what I currently have without having a world-writeable directory under my document root? I've read quite a few posts on SO about this kind of problem, which seem to say different (though generally non-conflicting) things, and I was hoping for a good summary of the main points I should watch out for.
Upvotes: 3
Views: 257
Reputation: 17735
I find these 2 links very helpful:
http://www.mysql-apache-php.com/fileupload-security.htm
http://www.acunetix.com/websitesecurity/upload-forms-threat.htm
Upvotes: 1
Reputation: 11588
If you only require your PHP scripts to upload files to this folder (and change its contents), you're going to need to make the user Apache runs as the owner of the directory.
To find out the user Apache runs as, use:
ps aux | grep apache
on the SSH command line. Then find out the user group Apache is a part of. As you've said, it's usually always www-data, but you can always double-check just to be sure. Once you know, set this group as the owner of your directory:
chgrp -R www-data /path/to/directory
Upvotes: 2
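One way to check that /media/ is no longer world-writable once its group is the web server's, as an added example that is not part of the original question or answers. The function names, the `www-data` default and the 2770/0660 modes are assumptions to adjust for your host.

```shell
#!/bin/sh
# Added example: audit and tighten an upload directory so the web server
# group can write to it without any "other" write access.
# WEB_GROUP, the function names and the chosen modes are assumptions.

WEB_GROUP="${WEB_GROUP:-www-data}"

# Print every entry under $1 (symlinks excluded) with the other-write bit set.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Return 0 if nothing under $1 is world-writable, 1 if something is,
# 2 if $1 is not a directory.
audit_media_dir() {
    dir="$1"
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    offenders=$(world_writable "$dir")
    if [ -n "$offenders" ]; then
        echo "world-writable entries:" >&2
        echo "$offenders" >&2
        return 1
    fi
    return 0
}

# Hand the tree to the web server group and drop all access for "other".
# Directories get setgid so files created later inherit the group.
tighten_media_dir() {
    dir="$1"
    [ -d "$dir" ] || return 2
    # chgrp needs root or membership of WEB_GROUP; report and continue if not.
    chgrp -R "$WEB_GROUP" "$dir" 2>/dev/null ||
        echo "chgrp to $WEB_GROUP skipped (insufficient privilege)" >&2
    find "$dir" -type d -exec chmod 2770 {} +
    find "$dir" -type f -exec chmod 0660 {} +
}
```

Run `audit_media_dir /path/to/directory` before and after `tighten_media_dir /path/to/directory`; a non-zero status from the audit lists the entries that still carry the other-write bit.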