16

A question about file permissions when saving a file that when non existent, is created initially as new file.

Now, this all goes well, and the saved file appear to have mode 644.

What to I have to change here, in order to make the files save as mode 777?

Thanks a thousand for any hints, clues or answers. The code that I think is relevant here I have included:

/* write to file */

   self::writeFileContent($path, $value);

/* Write content to file
* @param string $file   Save content to which file
* @param string $content    String that needs to be written to the file
* @return bool
*/

private function writeFileContent($file, $content){
    $fp = fopen($file, 'w');
    fwrite($fp, $content);
    fclose($fp);
    return true;
}
Jason Aller
  • 3,541
  • 28
  • 38
  • 38
Sam
  • 15,254
  • 25
  • 90
  • 145
  • 3
    Note that 0777 mode is **dangerous**. See http://stackoverflow.com/questions/2338641/in-a-php-apache-linux-context-why-exactly-is-chmod-777-dangerous –  Jun 22 '11 at 00:54
  • @Phoenix thanks. I guese 0766 will suffice (need to allow for all writing permissions). is that better? – Sam Jun 22 '11 at 01:03
  • 1
    0766 is better; that will prevent arbitrary code execution. Does the file need to be **world** writable, or will it suffice if only e.g., Apache can write to it? Do you have a set of applications that need to be able to write these files? What if you made them run as the same group and set 0764 mode instead? –  Jun 22 '11 at 01:05
  • 1
    not really, it's the write bit that's dangerous, not the execute :-) I would ask _why_ you think it has to be world-writable. – paxdiablo Jun 22 '11 at 01:06
  • Flying @Phoenix Thanks! Indeed, it needs to be World Writable in this case. Canceling the exetuging bit solves my night-sweat wwwwiiiuieuuewuwuuuwww :) Good point about that group thing. I will check that out and make a final descition. – Sam Jun 22 '11 at 01:06

3 Answers3

34

PHP has a built in function called bool chmod(string $filename, int $mode )

http://php.net/function.chmod

private function writeFileContent($file, $content){
    $fp = fopen($file, 'w');
    fwrite($fp, $content);
    fclose($fp);
    chmod($file, 0777);  //changed to add the zero
    return true;
}
Eric Leschinski
  • 146,994
  • 96
  • 417
  • 335
thescientist
  • 2,906
  • 1
  • 20
  • 15
  • 12
    _Don't_ use 777, it's a _decimal_ number and nothing like what you want :-) – paxdiablo Jun 22 '11 at 00:50
  • Is it a security risk? If file permission is 777, then attacker can use "PUT" method to upload a file into the system? Am I wrong? According to your answer, I will use your solution. – Hasan Dec 05 '16 at 15:41
  • @Hasan presumably there would be some sort of Auth system in place to validate the user making the request has the necessarily permissions to execute a script with such privileges. That said, it is certainly worth noting the principle of least privilege in all cases of software development, but technically not what the OP was asking for here :). In addition, I don't think the method factors in at all here. In theory a GET request to a script could trigger something like this, if that was the design. – thescientist Dec 21 '16 at 17:26
7

You just need to manually set the desired permissions with chmod():

private function writeFileContent($file, $content){
    $fp = fopen($file, 'w');
    fwrite($fp, $content);
    fclose($fp);

    // Set perms with chmod()
    chmod($file, 0777);
    return true;
}
Michael Berkowski
  • 267,341
  • 46
  • 444
  • 390
2

If you want to change the permissions of an existing file, use chmod (change mode):

$itWorked = chmod ("/yourdir/yourfile", 0777);

If you want all new files to have certain permissions, you need to look into setting your umode. This is a process setting that applies a default modification to standard modes.

It is a subtractive one. By that, I mean a umode of 022 will give you a default permission of 755 (777 - 022 = 755).

But you should think very carefully about both these options. Files created with that mode will be totally unprotected from changes.

paxdiablo
  • 854,327
  • 234
  • 1,573
  • 1,953