[pmwiki-users] Uploaded files world readable!?

Oliver Betz list_ob at gmx.net
Sat Dec 29 05:42:47 CST 2012


seemingly my posting from yesterday wasn't distributed to the list (at
least I got no copy), so I try again:

"Patrick R. Michaud" wrote:

>> upload.php uses "fixperms($filepath,0444);", therefore uploaded files
>> get world read access, correct?
>> Why is this needed?
>
>Short answer: Fixperms only adds the minimum permissions necessary 
>to ensure that the account owner has sufficient permission to access 
>the file.
>
>Longer answer:  Some PHP installations run programs under a 
>special "nobody" or "apache" account, which means that any files
>uploaded to the server are owned by that account and not the
>account that installed PmWiki.  If permissions aren't fixed,
>this means that the person who installed PmWiki is sometimes
>unable to view or even remove uploaded files from their own
>account.
>
>The fixperms() function detects when this occurs and makes sure
>that the account that installed PmWiki always retains appropriate
>permissions to any files that are uploaded.  Sometimes the only
>way to do this is by adding world read permissions.
>
>If PHP is already running under the account of the PmWiki owner,
>or if the default file permissions of uploaded files are such
>that the owner will still be able to access the file, then fixperms()
>doesn't do anything to the file.

this might be true in most cases, but upload.php calls fixperms with
_additional_ (unconditional) 0444 permissions, so even if I'm running
PmWiki in a "good" environment where Apache, PHP and the (S)FTP server
all use the same user ID, the files get world read permissions.

I think that is not the intention of fixperms, and as far as I see, it
makes the files readable for all other customers on the same server.

My original question is: Why is the additional/unconditional 0444
"$add" parameter present in upload.php?

Oliver
-- 
Oliver Betz, Muenchen (oliverbetz.de)




More information about the pmwiki-users mailing list