I am exploring using 'Mogrify' to resize user submitted icons submitted through my avatar hack. The problem is that while uploading a files through PHP doesn't seem to be a problem as they are stored in /tmp, /var/tmp or whatever eles may be set, copying these files to the users directory does present a problem.
PHP generally runs as user "nobody" or "web" and that user doesn't have permission to write to the users directory. I have searched and found this to be a common problem. The solutions I have found is to set the directory for the images to mode 777, which is not a good solution at all, or change the ownership of the directory to the same as the user for which PHP is running as. I have tried to do that with out any luck.
Example
My test images destination directory is called "php" so I attempted to change it to be owned by "web" so that PHP could write to it but not have to make it world writeable so that anyone can screw with it.
But I am clearly the owner of the directory :
What gives here? Am I not allowed to do this? If I can get this to work than I will modify the avatar hack to also give the option of storing the images in the filesystem instead of the database. And use mogrify to resize them all to a consistent size for appearence sake.
And if that all goes well then I start my Picture Gallery hack which definately needs to be able to write as it needs to create thumbnails and optimize pictures.
P.S. if PHP is run as a CGI, what is the situation with permissions?
PHP generally runs as user "nobody" or "web" and that user doesn't have permission to write to the users directory. I have searched and found this to be a common problem. The solutions I have found is to set the directory for the images to mode 777, which is not a good solution at all, or change the ownership of the directory to the same as the user for which PHP is running as. I have tried to do that with out any luck.
Example
My test images destination directory is called "php" so I attempted to change it to be owned by "web" so that PHP could write to it but not have to make it world writeable so that anyone can screw with it.
Code:
bash-2.03$ chown web:web php chown: php: Not owner bash-2.03$
Code:
drwxr-xr-x 2 hedge users 512 Aug 3 12:48 php
And if that all goes well then I start my Picture Gallery hack which definately needs to be able to write as it needs to create thumbnails and optimize pictures.
P.S. if PHP is run as a CGI, what is the situation with permissions?
Comment