OK, I've searched the forum :) I have analyzed what goes wrong, but I can't find the solution.
Here is the scenario, I run CMSMS on a hosted account, let's say my user is wwwillem. When I ftp 'stuff' into that webaccount, the owner of files is "wwwillem:wwwillem". And all is good, also CMSMS is running fine.
When I now want to use image->upload (from within CMSMS Admin) I get upload to work, but only after setting the directory to 777. So far still OK, and upload works now, however these images are now owned by user "99:99", which I assume is the UID of "Apache". And they have a setting of 640 (IIRC). Result is that CMSMS can upload but not 'view' the images.
What I need to solve of course is that the uploaded image file isn't owned by user "99", but by user "wwwillem". My current workaround is to upload only with ftp, but I would like to use the CMSMS upload.
I can't be the first one. :-) Did I miss a config setting somewhere?
file ownership differs between ftp and image upload
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
Re: file ownership differs between ftp and image upload
This is not a CMS issue, it's a standard issue with any web application. You are right, your ftp account and the account that apache is running on are different users, and in many unix environments (by default) one user can't see another user's files.
Now there is a choice..... users can explicitly change the permissions of their files so that other users can see/read them..... or they can change the 'file creation mask' so that newly created files have a permission that is suitable for other users to read.
You need to do some more googling, and looking in the forums, and in the messages..... this issue has been discussed more times than I can count.
Please post system information from "Extensions >> System Information" (there is a bbcode option) on all posts asking for assistance.
--------------------
If you can't bother explaining your problem well, you shouldn't expect much in the way of assistance.
Re: file ownership differs between ftp and image upload
Hi CalGay, we should have a drink one day, I'm also living in YYC ...
I guessed already this wasn't a new problem. And I know my Unix sysadmin stuff. I just wanted to be sure that I hadn't overlooked some CMSMS option that could fix it. I will probably go for "uplifting" my umask setting a little.
Thanks for confirming!!

-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
Re: file ownership differs between ftp and image upload
Okay, I'll post the answer, cuz I'm drunk, and happy enough...
Under 'Site Admin >> Global Settings' is the 'File Creation Mask', and there's a test feature so you can see what the permissions of newly created files will be.
Now this won't help with files that are already uploaded, but will help with anything you upload in the future.
People should really explore the menu options of packages that they install.... it's not just you, there are a lot of people that just 'don't look around'.
Re: file ownership differs between ftp and image upload
Ahhhh, but I knew about that umask feature already!! 
Seriously: the way you suggest it, the result is that you leave the ownership with Apache and open up the file 'world' so that the CMSMS website can read it. Which works, but also makes you vulnerable, because now everybody on the server can delete and even "update" (replace with pron) that image.
The proper thing would be (which is what I'm after) instead of changing the permissions to 777, have the ownership of the file changed to the "wwwillem" that it should be.
OK, maybe I'm asking for the impossible, but I just wanted to be sure.....

-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
Re: file ownership differs between ftp and image upload
If you know your unix sysadmin stuff then you know that only root can change ownership of files.
However, there are things like php_suexec, or some such things, or chroot jails, etc, etc, that allow php to run as the local account, and not as the global www user (apache, wwwuser, 99, nobody or whatever he may be called).
However, these are all server config issues, and not CMS issues.
Re: file ownership differs between ftp and image upload
>
> these are all server config issues, and not CMS issues
>
And that's what I wanted to verify.
But I will have a look into that phpsuexec.
Re: file ownership differs between ftp and image upload
SUMMARY
Got it all sorted out. The issue is that when you use the CMSMS file / image upload functions, the files / dirs you upload are owned by 'nobody'. When you do the same with the ftp you got from your isp, the files are owned by the user assigned to you.
Using the 'umask' setting in "Global Settings", you can take care that the file is readable, but not writeable by everybody ('022' will do the trick).
The secret is simply not to mix the two !!! Use one or the other (cmsms vs. ftp) but not both.
Your .../Uploads directory will be read/writable by both users, but below that you should have everything owned by 'nobody'. Therefore don't ftp files into that part of your site.
Willem
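Added example, not part of the thread: a POSIX shell sketch that shows which modes new files and directories get under a given mask, and lists anything under a directory tree that every local user can write to. It assumes the CMSMS 'File Creation Mask' behaves like a standard umask; the function names and the scratch directories are made up for this example.

```shell
#!/bin/sh
# Added example: what a given umask produces, and an audit for world-writable
# entries. All paths are scratch directories created here (constructed data).

# Print the symbolic mode (e.g. -rw-r--r--) of a path.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create a new file or directory under the given umask and print its mode.
# Regular files start from 666 and directories from 777; the umask bits are
# then cleared from that starting value.
mode_under_umask() {
    mask=$1
    kind=$2
    scratch=$(mktemp -d) || return 1
    (
        umask "$mask"
        if [ "$kind" = dir ]; then
            mkdir "$scratch/new"
        else
            : > "$scratch/new"
        fi
    )
    mode_of "$scratch/new"
    rm -rf "$scratch"
}

# List everything under a directory that any local user may write to.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Demo: compare the two masks mentioned in the thread.
for m in 022 000; do
    printf 'umask %s: file %s  dir %s\n' "$m" \
        "$(mode_under_umask "$m" file)" "$(mode_under_umask "$m" dir)"
done
```

Running `world_writable` against the uploads directory after changing the mask shows which existing entries are still open to other accounts on a shared host.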
-
- Support Guru
- Posts: 8169
- Joined: Tue Oct 19, 2004 6:44 pm
Re: file ownership differs between ftp and image upload
Well, setting the umask to 000 should do the trick too, then all newly created files will have 777 permission (theoretically)..... this would cause them to be world readable and writable and allow you to edit/delete them with your ftp account.
The only real security concern here is that a bad script in somebody else's directory could theoretically mess with files in those directories. .... but since you have to have them writable by the httpd process owner anyways, this is already the case.