Problem

You want to make PHP to create directories whose owner is not apache user/group, but PHP script owner/group. At the same time you need SAFE_MODE to be enabled.

Analysis

The problem is that apache runs under certain user-group privileges (most often nobody.nogroup). When a PHP script creates directory with “mkdir” command, the created directory inherits the owner-group from apache process. PHP scripts are run with priviledges of the user.group who owns the script. Therefore a script created by john.user cannot upload anything to directory created by nobody.nogroup.

Solution

  1. Turn on safe_mode_gid:
    php_admin_value safe_mode_gid 1
  2. Restart apache to reload new config.
  3. Change mode of your upload directory to 2777
    $ chmod 2777 your-uploads-dir
  4. This sets the group setuid bit for your directory – in effect any file created in this directory will inherit the group from this directory
mkdir and PHP with SAFE_MODE Enabled

Leave a Reply

Your email address will not be published.