Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Hosting Requirements /

What you need to consider when choosing a hosting provider and plan.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

File Permissions


Reply


7 Posts   2511 Views

Avatar
tonisch

Community Member, 15 Posts

7 July 2009 at 1:19am

Hi!

My hosting provider has got some special security-features. My problem is now: i want to set the right filepermissions for uploaded files automaticly. E.g. when I upload a pdf into a page, it should have the permissions 0640 and not anything other.
Is there a way to tell Silverstripe for which filetypes it shout use the right permissions?

Thanks in advance!

Avatar
TotalNet

Community Member, 181 Posts

8 July 2009 at 2:37pm

Hi,

Is it just files uploaded to SS you are thinking about? Are the default permissions too much or not enough in your view?

A way around this might be to upload the file to "assets" with an FTP client and set the permissions that way.

Don't know of a way to configure the permissions SS sets but I know it can be done in php.

Cheers,

Rich

Avatar
tonisch

Community Member, 15 Posts

9 July 2009 at 4:21am

Hi!

Thanks for the reply!
Changing the permissions with an FTP-Client is no problem for me, but for my clients :)
I thought that there's perhaps a config-file where I can say Silverstripe what permissions it should use for the different types of files. Independent if they are self created or uploaded.
Is there a way to set then generally?

Cheers,
Toni

Avatar
banal

Community Member, 901 Posts

9 July 2009 at 5:44am

Have a look at the sapphire/filesystem/Filesystem.php class.
It defines two public static members for file and folder creation.
You should be able to set them in your _config.php, like this:

Filesystem::$file_create_mask = 02775;
Filesystem::$folder_create_mask = 02775;

Not sure if this has any influence when uploading files, but it certainly does when you create folders via SilverStripe.
If that doesn't work, you could create a shell script that finds and updates files with the wrong permission. Then regularly run the script as a cron-job?

Avatar
tonisch

Community Member, 15 Posts

9 July 2009 at 9:16pm

Hi!

Thanks, this would be the first step. Do you know, if I can also set specific permissions for php-files?
I'll try, if uploaded files are influenced by this settings. The shell-script-cron-job-sollution is not a real sollution for me, because the files, I am talking about, will be uploaded by users. And you always got to wait, until the cron-job is through, before they can access the files...

Sorry I'm just in a hurry, so my answer is quite short. But thanks a lot for the tip with the _config.php!

Toni

Avatar
Hamish

Community Member, 712 Posts

15 July 2009 at 9:02am

You could decorate the 'File' class so that uploaded files have their permissions modified after write.

However, this raised some alarm bells:

> Do you know, if I can also set specific permissions for php-files?

You're not trying to allow execution of uploaded php, are you?

Your htaccess should prevent execution of .php, .phtml and .shtml (at least), and you should ensure that the upload directory has no execution privileges etc. Even then, it isn't particularly secure.

Avatar
tonisch

Community Member, 15 Posts

15 July 2009 at 9:37am

Hehe, good idea, but I am far away from this!!!
No, my hosting provider has some special permissions for php-files. just "r--------" (0600). Therefore I wanted it.
But my problem is solved, because I changed now to hosteurope...

But thanx for the help and the warning!