Forum Moderators: phranque
My host did something and now the scripts I have that allow users to upload images are cmodding them to 600 instead of 644. This of course keeps the images from being viewed.
My host seems fairly clueless, so I have to track down the issue myself. I don't know much about apache, but I think they must have changed a setting in one of these places:
php.ini
suexec
phpsuexec
apache config.
Can anyone suggest the answer to this?
Thanks!
Everything here requires root access.
We have a dedicated server. I had to change the selinux permissions for chmod
########################################################################################
# 2007/03/18 #
# httpd can't read files uploaded through server #
# this is nice, but screws up the kpftx archive - can't update shofile #
########################################################################################
allow httpd_sys_script_t httpd_tmp_t:file { read write };
allow httpd_sys_script_t httpd_tmp_t:file getattr;
########################################################################################
########################################################################################
# 2007/08/12 #
# httpd - id3v2 can't chmod and unlink - prevent's id3 tags being put into mp3 #
########################################################################################
allow httpd_sys_script_t httpd_tmp_t:file { setattr unlink };
########################################################################################
These are the entries I put into /etc/selinux/targeted/src/policy/domains/program/apache.te
This has to be compiled. cd to /etc/selinux/targeted/src/policy and then make.
Then pray.
Both of these entries refer to apache allowing an application (php script) to execute the functions.
Thanks to the NSA for all this safety. I turned it off on my development box.
Good luck.
O.
