scanning /home/ with opendir()

Question

Is it possible to scan /home/ directory with opendir and scandir. When i try to exec script it says permission denied what should i do?

<?php

$dir = '/home/';
$dirs = scandir($dir);
?>
<pre>
<?php print_r($dirs); ?>
</pre>

You can, yes, but you need to have permissions on the home directory to do so. — Prisoner, Aug 25 '11 at 10:34

score 6 · Answer 1 · answered Aug 25 '11 at 10:35

6

You can use is_readable('/home/') to check if you have permission. If not you'd need to make sure the directory has read privileges, probably 0755 (rwxr-xr-x)

answered Aug 25 '11 at 10:35

Small Hadron Collider

809
1
6
17

Is there any cons of setting chmod 755 of /home/ on a server with 500+ websites ? – skuul Aug 25 '11 at 11:17
1

In my case, `scandir` was performed on `/var/logs/project` and I had to ensure that all the folders i.e. `/var`, `/var/logs` and `/var/logs/project` are all readable and executable for users not in group. I did `chmod 755 /var`, `chmod 755 /var/logs` and `chmod -R 755 /var/logs/project`. – arun Apr 25 '16 at 17:07

score 2 · Answer 2 · edited May 23 '17 at 12:16

2

For security, PHP defines a 'basedir', below which you are not allowed to access. As Aleks G says, there is also the file permissions to consider.

This question talks about how to get around basedir restrictions: How can I relax PHP's open_basedir restriction?

Tom Haigh's answer copied to here:

You can also do this easily on a per-directory basis using the Apache (assuming this is your web server) configuration file (e.g. httpd.conf)

<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir "/var/www/vhosts/domain.tld/httpdocs:/var/www/vhosts/domain.tld/zend"
</Directory>

you can also completely remove the restriction with

<Directory /var/www/vhosts/domain.tld/httpdocs>
php_admin_value open_basedir none
</Directory>

edited May 23 '17 at 12:16

Community

1
1

answered Aug 25 '11 at 10:34

Deebster

2,829
1
26
26

I tried it and but still cant access it still permission denied – skuul Aug 25 '11 at 11:16
Then, as the other answers say, you need to enable read permission for the apache process. You can `chmod g+rx-w /home` and change the group of the /home folder from root to www-data (or whatever your apache has access to - make a new group if necessary) – Deebster Aug 25 '11 at 11:27

score 0 · Answer 3 · answered Aug 25 '11 at 10:35

I'm not a PHP programmer, but I think your problem is that when PHP tries the opendir, it is running with the same user ID as apache has, which may not have permission to read your /home directory.

You could fix that by altering the permissions on /home, or adding the apache userid to whatever group has group ownership of home.

Possibly it is a problem in your Apache configuration file. Even if the filesystem permissions would permit it, your httpd.conf file may not allow access to /home. That would usually be the case if all of your HTML files are in /var/www.

The httpd.conf might be set up to allow serving files out of your users' home directories. In that case the permission would be granted for directories within /home but not for /home itself.

score 0 · Answer 4 · answered Aug 25 '11 at 10:35

The answer is in your question: it's a permission problem. Most likely, the process under which Apache is running does not have permission to read /home directory (or your usernamd, if running in CLI). Manually do this in a terminal:

ls -ld /home

and check the attributes.

scanning /home/ with opendir()

4 Answers4

Linked