Sunday, May 31, 2015

linux - Should the webserver user have write permission on the uploads/ directory?



I always gave the webserver user full permissions on these dirs:

cache/
logs/
web/uploads/

But now I am wondering if the uploads part is OK. I was thinking that maybe it would be better if I use a .tmp file for each upload, and then put them in a queue to be moved to uploads/, and do the same for deletions (the queue will be read and validated by a different user). This way, even if an attacker gets to inject malicious code, the uploads/ folder will be safe.


Answer



Your temporary file idea sounds like a fine idea to me.



Whatever directory the temporary files are uploaded to will need to be writable by the user that your code runs as (typically the webserver, especially when using mod_whatever).




Furthermore, this directory needs to be outside of the DocumentRoot. Whatever anyone uploads there should not be on the internet until it has been vetted. This keeps your server from being used in an email telling me that my logons have been disabled and I need to go to http://example.com/uploads/yourbank.php to fix it.
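
A sketch of the vetting step discussed above, added here as an example and not code from the original question or answer: a worker run as a separate user promotes files from a staging directory outside the DocumentRoot into uploads/. The allowlist, the function names and the directory layout are assumptions.

```python
import os
import secrets
import shutil
import stat
from pathlib import Path

# Assumed allowlist: extension -> magic bytes the file content must start with.
ALLOWED = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff", ".pdf": b"%PDF-"}

def promote_one(src: Path, uploads: Path):
    """Copy src into uploads under a random name if it passes vetting, else None."""
    magic = ALLOWED.get(src.suffix.lower())
    if magic is None:                       # e.g. .php is never promoted
        return None
    try:
        # O_NOFOLLOW refuses symlinks planted in staging; O_NONBLOCK avoids hanging on a FIFO.
        fd = os.open(src, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    except OSError:
        return None
    try:
        # Check and copy through the same descriptor, so the file cannot be swapped in between.
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            return None
        if os.pread(fd, len(magic), 0) != magic:
            return None
        # A server-chosen name keeps uploader-controlled filenames out of uploads/.
        dest = uploads / (secrets.token_hex(16) + src.suffix.lower())
        out = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)  # no execute bits
        with open(fd, "rb", closefd=False) as r, os.fdopen(out, "wb") as w:
            shutil.copyfileobj(r, w)
        return dest
    finally:
        os.close(fd)

def promote(staging: Path, uploads: Path):
    """Process the staging queue; return ({original name: new name}, [rejected names])."""
    promoted, rejected = {}, []
    for entry in sorted(staging.iterdir()):
        dest = promote_one(entry, uploads)
        if dest is None:
            rejected.append(entry.name)     # left in staging for review, never published
        else:
            promoted[entry.name] = dest.name
            entry.unlink()
    return promoted, rejected
```

With this split, the webserver user needs write access only to the staging directory, while uploads/ is writable only by the user running the worker.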

