[pmwiki-users] Uploaded files world readable!?
list_ob at gmx.net
Sat Dec 29 05:42:47 CST 2012
Seemingly my posting from yesterday wasn't distributed to the list (at
least I got no copy), so I try again:
"Patrick R. Michaud" wrote:
>> upload.php uses "fixperms($filepath,0444);", therefore uploaded files
>> get world read access, correct?
>> Why is this needed?
>Short answer: Fixperms only adds the minimum permissions necessary
>to ensure that the account owner has sufficient permission to access
>Longer answer: Some PHP installations run programs under a
>special "nobody" or "apache" account, which means that any files
>uploaded to the server are owned by that account and not the
>account that installed PmWiki. If permissions aren't fixed,
>this means that the person who installed PmWiki is sometimes
>unable to view or even remove uploaded files from their own
>The fixperms() function detects when this occurs and makes sure
>that the account that installed PmWiki always retains appropriate
>permissions to any files that are uploaded. Sometimes the only
>way to do this is by adding world read permissions.
>If PHP is already running under the account of the PmWiki owner,
>or if the default file permissions of uploaded files are such
>that the owner will still be able to access the file, then fixperms()
>doesn't do anything to the file.
This might be true in most cases, but upload.php calls fixperms with
_additional_ (unconditional) 0444 permissions, so even if I'm running
PmWiki in a "good" environment where Apache, PHP and the (S)FTP server
all use the same user ID, the files get world read permissions.
I think that is not the intention of fixperms, and as far as I see, it
makes the files readable for all other customers on the same server.
My original question is: Why is the additional/unconditional 0444
"$add" parameter present in upload.php?
Oliver Betz, Muenchen (oliverbetz.de)
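Since the thread never shows fixperms() itself, here is an added Python sketch (not PmWiki's code) of the distinction the post draws: the minimum read bits the installing account actually needs versus an unconditional 0444 add, plus an audit that lists uploads left world-readable. The function names, the uid/gid values and the sample directory are constructed for illustration.

```python
import os
import stat

# Added example, not PmWiki's fixperms(): models the permission decision the
# post describes. Only read bits are handled, which is what the 0444 mask adds.

def needed_bits(mode, file_uid, file_gid, owner_uid, owner_gids):
    """Minimum read bits to OR into `mode` so that account `owner_uid`
    (a member of the groups in `owner_gids`) can read the file.
    Returns 0 when the owner can already read it."""
    if file_uid == owner_uid:
        # file already belongs to the installer; at most the user bit is needed
        return 0 if mode & stat.S_IRUSR else stat.S_IRUSR
    if file_gid in owner_gids:
        # e.g. PHP runs as "apache"/"nobody" but shares a group with the owner
        return 0 if mode & stat.S_IRGRP else stat.S_IRGRP
    # last resort: world read is the only way the owner can reach the file
    return 0 if mode & stat.S_IROTH else stat.S_IROTH

def fixperms_minimal(mode, file_uid, file_gid, owner_uid, owner_gids, add=0):
    """Apply only the needed bits plus an explicit `add` mask.
    Passing add=0o444 reproduces the unconditional world-read outcome."""
    return mode | needed_bits(mode, file_uid, file_gid, owner_uid, owner_gids) | add

def audit_uploads(upload_dir):
    """Regular files under `upload_dir` that are world-readable, i.e. the
    condition that exposes uploads to other customers on a shared host."""
    exposed = []
    for root, _dirs, files in os.walk(upload_dir):
        for name in files:
            path = os.path.join(root, name)
            st = os.stat(path)
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IROTH:
                exposed.append(path)
    return sorted(exposed)
```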