Can we upload a file with security before the cgi change?
I have a file upload script, but it requires 777 on the directory.
This is no good.
Any advice appreciated.
Thanks,
Mark
This is a discussion on file upload in the Open Discussion & Chit-chat forum
There are a couple of things you can do, although neither is all that simple.
If the file upload is stand alone (i.e not part of a premade app where a lot of other data is being posted along with the file) you could use a CGI script (written in Perl, Python, etc.) to handle the upload. CGI scripts already run under your UID, so the file permissions won't be an issue.
If CGI isn't an option, you could use PHP to FTP the file to your account after it is uploaded (see pseudocode below).
Another option would be to store the file data in a database (BLOB fields are specifically designed for this purpose). The drawback is that you can't access the files directly (you need a script to retrieve them from the DB). You could use a CRON script to periodically look for newly uploaded files in the DB and export them as normal files. The CRON job would run under your UID.
Code:
// 'userfile' is the name of the <input type="file"> field in the form
if (!empty($_FILES['userfile']) && $_FILES['userfile']['error'] === UPLOAD_ERR_OK) {
    $upload_path     = $_FILES['userfile']['tmp_name'];       // temp file PHP wrote
    $upload_filename = basename($_FILES['userfile']['name']); // strip any directory part
    $conn_id = ftp_connect('localhost');
    $login_result = ftp_login($conn_id, 'user', 'pass'); // note: don't use your main account to do the FTP, create a new account in cPanel specifically for this.
    if ($conn_id && $login_result) {
        $upload = ftp_put($conn_id, '/path/on/server/' . $upload_filename, $upload_path, FTP_BINARY);
    }
    ftp_close($conn_id);
}
Just some thoughts...
--Jason
Are you saying to put my PHP script that uploads and the actual folder where the images get uploaded in the CGI-BIN?
Thanks,
Mark
No, he's saying that till PHP goes CGI on your server, you must either live with giving world write access to that folder, or choose a non-PHP based way of uploading.
Specifically why is the 766 a problem for you? There are usually ways to make sure it works out ok.
Regards,
Wim Heemskerk
---
Visit MeCCG.net - Cardgaming in J.R.R. Tolkien's Middle-earth
And Gwaihir.net - The Middle-earth CCG store
Will 766 prevent someone from uploading and executing a script?
I didn't think it would but I don't know.
Thanks,
Mark
Yes, it will: 4 = read, 2 = write, 1 = execute, 4+2 = 6. However, it's never a good idea to upload files to a place from which they can be accessed directly from the web.
Script execution is just one problem. It would still allow someone to upload, say, the latest movies for others to download, conveniently passing the bandwidth charges and risks associated to you.
You need to make sure uploaded files can't be downloaded directly. The best way to do this is to store them outside the webroot and use some script to control uploading and downloading access. There are nice ready-made tools for this that will give you control over who can up/download and how large each file may be.
Regards,
Wim Heemskerk
---
Visit MeCCG.net - Cardgaming in J.R.R. Tolkien's Middle-earth
And Gwaihir.net - The Middle-earth CCG store
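As an added example (not code from the thread) of the approach Wim describes: a pair of PHP functions that store uploads outside the webroot under a random, server-chosen name and hand them back only through a gatekeeper script, so nothing in the upload folder is ever reachable by URL. The directory, size limit and allowed types are assumptions, and the script needs write access to that directory, which is what running under your own UID (the CGI change) gives you without a world-writable folder.

```php
<?php
// Added example, not code from the thread. Following Wim's advice, the files
// live outside the webroot and a script gates upload and download.
// UPLOAD_DIR, MAX_BYTES and ALLOWED are assumptions; the script's user must
// be able to write to UPLOAD_DIR (e.g. PHP run as CGI under your own UID).
declare(strict_types=1);

const UPLOAD_DIR = '/home/user/uploads';   // assumed: NOT under public_html
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = ['image/png' => 'png', 'image/jpeg' => 'jpg'];

// Save $_FILES[$field] under a random, server-chosen name; returns that name.
function storeUpload(string $field): string
{
    $f = $_FILES[$field] ?? null;
    if ($f === null || $f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
        throw new RuntimeException('no valid upload');
    }
    if ($f['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Decide the type from the bytes, never from the client-supplied name or type.
    $mime = finfo_file(finfo_open(FILEINFO_MIME_TYPE), $f['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException('type not allowed');
    }
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($f['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    chmod(UPLOAD_DIR . '/' . $name, 0640);   // readable, never executable
    return $name;   // record this (and who may fetch it) in your DB
}

// Stream a stored file back. Only names we generated are accepted, so
// "../" or any other path never reaches the filesystem.
function serveUpload(string $name): void
{
    $path = UPLOAD_DIR . '/' . $name;
    if (!preg_match('/\A[0-9a-f]{32}\.(png|jpg)\z/', $name) || !is_file($path)) {
        http_response_code(404);
        return;
    }
    header('Content-Type: ' . finfo_file(finfo_open(FILEINFO_MIME_TYPE), $path));
    header('Content-Length: ' . filesize($path));
    header('Content-Disposition: attachment; filename="' . $name . '"');
    header('X-Content-Type-Options: nosniff');
    readfile($path);
}
```

The access check Wim mentions (who may fetch which file) belongs in front of serveUpload, keyed on the name storeUpload returned.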
Thanks everyone for your help.
I re-wrote the upload file in perl and it seems to work fine now.
Thanks
Copyright © 2011 JaguarPC.com