This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.
Please use forum.silverstripe.org for any new questions
(announcement).
The forum archive will stick around, but will be read only.
You can also use our Slack channel
or StackOverflow to ask for help.
Check out our community overview for more options to contribute.
Hi!
My hosting provider has got some special security-features. My problem is now: i want to set the right filepermissions for uploaded files automaticly. E.g. when I upload a pdf into a page, it should have the permissions 0640 and not anything other.
Is there a way to tell Silverstripe for which filetypes it shout use the right permissions?
Thanks in advance!
Hi,
Is it just files uploaded to SS you are thinking about? Are the default permissions too much or not enough in your view?
A way around this might be to upload the file to "assets" with an FTP client and set the permissions that way.
Don't know of a way to configure the permissions SS sets but I know it can be done in php.
Cheers,
Rich
Hi!
Thanks for the reply!
Changing the permissions with an FTP-Client is no problem for me, but for my clients :)
I thought that there's perhaps a config-file where I can say Silverstripe what permissions it should use for the different types of files. Independent if they are self created or uploaded.
Is there a way to set then generally?
Cheers,
Toni
Have a look at the sapphire/filesystem/Filesystem.php class.
It defines two public static members for file and folder creation.
You should be able to set them in your _config.php, like this:
Filesystem::$file_create_mask = 02775;
Filesystem::$folder_create_mask = 02775;Not sure if this has any influence when uploading files, but it certainly does when you create folders via SilverStripe.
If that doesn't work, you could create a shell script that finds and updates files with the wrong permission. Then regularly run the script as a cron-job?
Hi!
Thanks, this would be the first step. Do you know, if I can also set specific permissions for php-files?
I'll try, if uploaded files are influenced by this settings. The shell-script-cron-job-sollution is not a real sollution for me, because the files, I am talking about, will be uploaded by users. And you always got to wait, until the cron-job is through, before they can access the files...
Sorry I'm just in a hurry, so my answer is quite short. But thanks a lot for the tip with the _config.php!
Toni
You could decorate the 'File' class so that uploaded files have their permissions modified after write.
However, this raised some alarm bells:
> Do you know, if I can also set specific permissions for php-files?
You're not trying to allow execution of uploaded php, are you?
Your htaccess should prevent execution of .php, .phtml and .shtml (at least), and you should ensure that the upload directory has no execution privileges etc. Even then, it isn't particularly secure.
Hehe, good idea, but I am far away from this!!!
No, my hosting provider has some special permissions for php-files. just "r--------" (0600). Therefore I wanted it.
But my problem is solved, because I changed now to hosteurope...
But thanx for the help and the warning!
