chown on web root document
Posted: Mon Dec 24, 2007 8:24 pm
Hello,
I recently ran into a problem w/ my php app not being able to upload photos to my server. I kept getting a 'failed to open stream: permission denied" error.
I know I had it working last week, but over the weekend I was messing w/ linux to get capastrino working and I must have mucked up my linux settings somehow. Anyhow, the user:group setting on my web root document and all sub directories was changed to root:users. Prior to that, I can't remember what ownership I had it set at...maybe root:root?
I fixed it in one of two ways:
1. I changed the ownership on the web root document to apache:apache. Now I can upload files w/o problem. I believe this corrects the problem b/c the httpd process is running under the apache user.
OR
2. I modified the permissions on the destination upload folder. I updated it from 755 to 777. Now it doesn't matter what the ownership is...all uploads work.
So what's the best solution? Is setting the upload folder to 777 a security risk? Is there a way to keep the ownership on the web root document at root:users, keep the permissions of the upload folder at 755 and still get uploads working?
THanks!
I recently ran into a problem w/ my php app not being able to upload photos to my server. I kept getting a 'failed to open stream: permission denied" error.
I know I had it working last week, but over the weekend I was messing w/ linux to get capastrino working and I must have mucked up my linux settings somehow. Anyhow, the user:group setting on my web root document and all sub directories was changed to root:users. Prior to that, I can't remember what ownership I had it set at...maybe root:root?
I fixed it in one of two ways:
1. I changed the ownership on the web root document to apache:apache. Now I can upload files w/o problem. I believe this corrects the problem b/c the httpd process is running under the apache user.
OR
2. I modified the permissions on the destination upload folder. I updated it from 755 to 777. Now it doesn't matter what the ownership is...all uploads work.
So what's the best solution? Is setting the upload folder to 777 a security risk? Is there a way to keep the ownership on the web root document at root:users, keep the permissions of the upload folder at 755 and still get uploads working?
THanks!