SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,921
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    Uploads and Temporary Directory

    I am currently reviewing my PHP script which allows users to upload a photo.

    In my script, I see these notes..
    * $_FILES['userfile']['tmp_name']
    * Temporary filename of the file in which the uploaded file
    * was stored on the server.
    *
    * Files will, by default be stored in the server's default
    * temporary directory, unless another location has been given with
    * the upload_tmp_dir directive in php.ini. The server's
    * default directory can be changed by setting the
    * environment variable TMPDIR in the environment in which PHP runs.
    * Setting it using putenv() from within a PHP script will not work.
    * This environment variable can also be used to make sure that
    * other operations are working on uploaded files, as well. *

    Knowing virtually nothing about Server Maintenance, and not knowing what my new Hosting Environment will be latter this month - other than Linux - could someone give me some tips on any Security Concerns that I should have pertaining to this?

    (Somewhere in the past I recall that there was somewhere with Web Pages and PHP where you wanted to change the default "Temp Directory" because it was easy pickins for hackers... Maybe that was with SESSIONS?)

    Hope this makes sense?!

    Sincerely,


    Debbie

  2. #2
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,095
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    The default temp directory for uploads, /tmp on linux, is usually fine.
    It would be best if you could mount /tmp without execute bit so nothing in there can be executed. That way, users can upload executables all they want, but they can never run them because it's not allowed. See http://www.debian-administration.org...non-executable for more. This one if for debian, but there's probably one for your distro as well. You are taking VPS or dedicated hosting I presume?

    Also, it's always a good idea to remove the original upload after you've processed it. And a good security measure is to open all uploaded images with GD and then save them again so as to rid them of any malicious code people may have hidden in there.
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  3. #3
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,921
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ScallioXTX View Post
    The default temp directory for uploads, /tmp on linux, is usually fine.
    Would there be a benefit if I made the "Temporary Directory" somewhere outside of the Web Root?

    Likewise, would it make sense to make my permanent "Member Photos Directory" somewhere outside of the Web Root?

    The logic being that if you temporarily or permanently stored photos there, I don't believe they could be executed from incoming requests over HTTP, right?


    It would be best if you could mount /tmp without execute bit so nothing in there can be executed. That way, users can upload executables all they want, but they can never run them because it's not allowed. See http://www.debian-administration.org...non-executable for more. This one if for debian, but there's probably one for your distro as well.
    Isn't there a way to just change the Directory Settings to "Execute = False" and you're covered?


    You are taking VPS or dedicated hosting I presume?
    Yes, I have a VPS.


    Also, it's always a good idea to remove the original upload after you've processed it.
    How do I do that?

    Can I do that with my PHP script?


    And a good security measure is to open all uploaded images with GD and then save them again so as to rid them of any malicious code people may have hidden in there.
    Yes, I am currently doing that.

    Thanks,


    Debbie

  4. #4
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,095
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by DoubleDee View Post
    Would there be a benefit if I made the "Temporary Directory" somewhere outside of the Web Root?
    It is, /tmp is outside of your webroot. (it's the absolute path /tmp, not relative to anything).


    Quote Originally Posted by DoubleDee View Post
    Likewise, would it make sense to make my permanent "Member Photos Directory" somewhere outside of the Web Root?

    The logic being that if you temporarily or permanently stored photos there, I don't believe they could be executed from incoming requests over HTTP, right?
    Correct on both accounts.

    Quote Originally Posted by DoubleDee View Post
    Isn't there a way to just change the Directory Settings to "Execute = False" and you're covered?
    Sadly no, you have to a have a special partition with special mount flags.

    Quote Originally Posted by DoubleDee View Post
    Yes, I have a VPS.
    Okay good, no need to be worried about other users trying to hack your site from within the server then.

    Quote Originally Posted by DoubleDee View Post
    How do I do that?

    Can I do that with my PHP script?
    Yes, with unlink. Just delete the uploaded file once you're done with it (stored, resized it, etc).
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  5. #5
    SitePoint Wizard DoubleDee's Avatar
    Join Date
    Aug 2010
    Location
    Arizona
    Posts
    3,921
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ScallioXTX View Post
    Yes, with unlink. Just delete the uploaded file once you're done with it (stored, resized it, etc).
    Please see this new PHP-specific thread here...

    Thanks,


    Debbie


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •