php mkdir() and apache ownership issue

Question

PROBLEM

I'm trying to upload files to my own server via PHP. If folder doesn't exist, first I attempt to create the folders;

mkdir($folder, 0700);

My script is creating the folders but apache is the owner of the folder (and file) so I can't access the file which I uploaded.

I have safe_mode off in my server. I still couldn't find a way around for this one.

I would be glad if anyone could help me out with this one.

NOTE: I tried 0755, 0777 doesn't change anything. Apache is owner of the folder created.

Answer 1

I'd suggest reconfiguring the web server to use suEXEC or suPHP. The drawback of this approach is that you're forced to use PHP in CGI mode rather than as an Apache mod. I haven't seen this become a problem on low- to mid-traffic sites, though. The main benefit is that your scripts will run as whoever owns them, and as such any new directories or files your script makes will automatically be owned by said user.

Ultimately, if your problem is just with the creation of new directories and not files, and you're not storing anything that shouldn't be read by prying eyes, then chmod($path, 0755); would fix your issue.

Answer 2

The following code snippet creates directories with permissions 777(or any specified permissions):

 $oldumask = umask(0);
 mkdir($path, 0777);
 umask($oldumask);

Answer 3

Why do you set permissions to 700 in the first place? 755 will allow "anyone" to read your files and folders, and in most cases it's actually acceptable.

Answer 4

Of course. The upload dir must be other writable/accessible, ie: xx7:

// fill APPPATH with a suitable directoy name

if ( ! file_exists(APPPATH . 'uploads'))
{
    mkdir(APPPATH . 'uploads', 0757, TRUE);
}

7: owner permissions, ie: rwx
5: group permissions, ie: rx
7: other permissions, ie: rwx