Code Comments
Programming Forum and web based access to our favorite programming groups.
LAMP uploaded file permissions preventing db uploadOn my LAMP system, I am using the http post method for uploading files from the browser into the /tmp directory. Then using the MySQL "load file" command to load that file into the database. Well at least I am trying to. The upload to the /tmp directory is working fine, but due to file permission s, the load into the db is failing. Apache/PHP is running as nobody:nobody (I have tried different groups with n o luck) MySQL is running as mysql:mysql permissions on /tmp are currently: drwxrwxrwx 12 root root 4096 Sep 25 22:17 tmp permissions on a file that has been uploaded to /tmp are currently: -rw------- 1 nobody nobody 255775 Sep 25 22:17 test.csv If I change the permissions on the file to world-readable the db load works as expected. Any ideas on how to get Apache/PHP to write the file to /tmp as world-readable w ould be greatly appreciated. Of course if I should be taking a different approach, I woul d be welcome to recommendations there as well. Thanks Will
Post Follow-up to this message
Re: LAMP uploaded file permissions preventing db uploadI'm not sure what the security implications would be, but if you added MySQL also to the `nobody` group, it should be able to read the file from that directory. /tmp is generally world-readable, so it's just the file permissions that are causing the problem, as you say. Previously I've used PHP to do this, just issuing chmod(0755); on the /tmp/file_name within PHP rather than running exec(chmod blah) But generally, I wouldn't expect allowing MySQL to access 'nobody' files to be a problem - the other way round (allowing it to open User or Root-owned files) would open a huge security hole, of course. HTH Cheers - Neil At 11:45 26/09/2004 +0000, you wrote: >Message-ID: <20040926024241.29619.qmail@web41129.mail.yahoo.com> >Date: Sat, 25 Sep 2004 19:42:41 -0700 (PDT) >From: Will Cordle <wcordle@yahoo.com> >To: php-db@lists.php.net >MIME-Version: 1.0 >Content-Type: text/plain; charset=us-ascii >Subject: LAMP uploaded file permissions preventing db upload > >On my LAMP system, I am using the http post method for uploading files >from the browser into the >/tmp directory. Then using the MySQL "load file" command to load that >file into the database. >Well at least I am trying to. > >The upload to the /tmp directory is working fine, but due to file >permissions, the load into the >db is failing. > >Apache/PHP is running as nobody:nobody (I have tried different groups with >no luck) >MySQL is running as mysql:mysql > >permissions on /tmp are currently: >drwxrwxrwx 12 root root 4096 Sep 25 22:17 tmp > >permissions on a file that has been uploaded to /tmp are currently: >-rw------- 1 nobody nobody 255775 Sep 25 22:17 test.csv > >If I change the permissions on the file to world-readable the db load >works as expected. Any >ideas on how to get Apache/PHP to write the file to /tmp as world-readable >would be greatly >appreciated. Of course if I should be taking a different approach, I >would be welcome to >recommendations there as well. > >Thanks >Will ======================================== ================ CaptionKit http://www.captionkit.com : Production tools for accessible subtitled internet media, transcripts and searchable video. Supports Real Player, Quicktime and Windows Media Player. VideoChat with friends online, get Freshly Toasted every day at http://www.fresh-toast.net : NetMeeting solutions for a connected world.
Post Follow-up to this message Re: LAMP uploaded file permissions preventing db uploadNeil - Being new to this, it never occurred to me that I could acutally chmod the f ile through PHP. Now after I move the file, I chmod it, and everything works just fine. I really appreciate the help. Thanks Will --- "Neil Smith [MVP, Digital media]" <php@comatose.freeserve.co.uk> wrote: > I'm not sure what the security implications would be, but if you added > MySQL also to the `nobody` group, it should be able to read the file from > that directory. /tmp is generally world-readable, so it's just the file > permissions that are causing the problem, as you say. > > Previously I've used PHP to do this, just issuing chmod(0755); on the > /tmp/file_name within PHP rather than running exec(chmod blah) > > But generally, I wouldn't expect allowing MySQL to access 'nobody' files t o > be a problem - the other way round (allowing it to open User or Root-owned > files) would open a huge security hole, of course. > > HTH > Cheers - Neil > > At 11:45 26/09/2004 +0000, you wrote: > > > ======================================== ================ > CaptionKit http://www.captionkit.com : Production tools > for accessible subtitled internet media, transcripts > and searchable video. Supports Real Player, Quicktime > and Windows Media Player. > > VideoChat with friends online, get Freshly Toasted every > day at http://www.fresh-toast.net : NetMeeting solutions > for a connected world. > > > >
Post Follow-up to this message
Sponsored Links
Powered by vBulletin
Copyright 2000-2006 Jelsoft Enterprises Limited.
