umask and chmod explained in php
Dealing with file permissions, chmods, umasks, safe mode and file uploads in PHP on Linux can be a nightmare if you are not familiar with the concepts.
My particular problem was as follows:
Safe Mode was Off (although this is irrelevant)
Running: PHP Version 5.1.6
I was attempting to change the chmod of a recently uploaded file to chmod: 777 from with a PHP script. (i.e. Read, Write & Execute for everybody)
THIS DID NOT WORK:
$chmodresult = chmod($file2change , ‘0777′); //it made the file have no chmod at all
THIS DID WORK:
$chmodresult = chmod($file2change , 0777); //note the lack of quote marks around the mode value.
Safe Mode
Before I discovered the difference between the two variations of the script, above, I had been running PHP in safe mode and had assumed that my chmod problems were being caused by some safe_mode restriction. I had, therefore, turned safe mode off as part of the process of finding a solution to my problem.
I have, since, tested the working code above with safe mode ON and managed to successfully chmod the file to 777. Therefore, (in my set-up at least), Safe Mode was not the culprit.
There are other issues were Safe Mode can affect uploaded files:
Say, a file is uploaded via a script with safe mode on. The file is, then, ‘owned’ by the linux USERID that the script was running as. Then, if you try to chmod that file via an FTP application, it is likely that you will be presented with a ‘550 Operation not permitted’ FTP error. This is because the FTP user is running as a different linux USERID than that of the USERID that the script was running as. Safe mode is likely to be the culprit for that kind of problem.
This ‘dispute of ownership’ can be very unsettling, especially if you then try to delete that file via FTP and get told you aint got the power. This is where a — CAREFULLY USED — unlink() function comes in handy. It allows you to delete a file via a PHP script.
Apparently, if you have a dedicated server and trust the other users that have access to the machine, then Safe Mode is more of a curse than a blessing. On shared servers it has its benefits, but has been criticised for giving a false sense of security to web authors.
See info on which functions are restricted by safe mode in php:
http://uk2.php.net/manual/en/features.safe-mode.functions.php
Info of changing the configuration in PHP
http://us2.php.net/configuration.changes
(note you cannot alter safe mode flag via the .htaccess)
CHMOD Help
CHMOD is really confusing. As I know a scarce amount about it - here are some links to well written explanations:
CHMOD Basics
http://www.pageresource.com/cgirec/chmod.htm
Who actually is the user, who actually is a group and who on Earth is the World?
http://en.wikipedia.org/wiki/User:Ronnystalker
The chmod() function in PHP
http://uk3.php.net/chmod
UMASK Help:
In essence the umask setting for a user on a linux machine specifies the default chmod settings for files created by that user. It can be altered using the umask() php function. As the documentation explains, it is important to save the original umask setting in a variable so that you can restore it that setting after you have finished creating the new file.
Use the umask() function to temporarily alter the default chmods of new files created by your script (i.e when it is handling uploaded files.). It is safer than creating a file and then racing to chmod it to a secure mode afterwards. If you want the new file to be chmoded as 777 (or a mode that is less secure than the default one) then this technique unnecessary.
The argument provided to the umask function is not a ‘chmod mode’ - it is different. See the link to an explanation of umask values below.
Good explanation of what umask is and a cheatsheet to some of umask values:
http://www.unix.org.ua/orelly/networking/puis/ch05_03.htm
The umask function in PHP:
http://uk.php.net/umask
October 7th, 2007 at 7:12 pm
[…] researching information for my previous post on chmods, safe mode etc. I discovered a fantastic article on the various configuration settings that can tighten up a […]