Issue
Not sure if this is the right place to ask this, please, let me know if I am mistaken and should post this elsewhere.
I am developing an app comprised of several forms and POST/GET functions that work in waterfall style to create contact>customer>service>service details. In order to keep on moving on to the next part you must have completed the previous one.
The last task of the app was to create a csv file using some of the data provided throughout the process, store the file in a folder located inside the project files themselves so a script can move those files periodically to be archived.
This app is being hosted on our own server and is intended to be used internally, but whenever I hit that last step, I got
fopen(/var/www/html/UBERNET/csv/companyName.csv): failed to open stream: Permission denied in /var/www/html/UBERNET/tests/csvTest.php on line 59
Reading on how to grant the adequate permissions, instead of a clear way of doing so I found a lot of people concerned about doing it in the first place, stating that it was very insecure to leave permissions open for /var, while in other sites and posts nobody raised any alarm when it was proposed. I don't know exactly what could happen, but I understand that it is like leaving the door open.
I see the logic but wanted to be totally sure that it's not a good idea. Maybe for an internal use app there would be no real danger.
If there is a risk indeed, then I would like to ask how I could do it. Creating a new folder and giving permission only to that folder? What about the permissions of parent folders? Sadly I don't have the slightest clue on how to approach the issue.
I can provide the code of the function that creates the csv file, but there are no issues there so I won't include it at first. The path to my project has already been posted:
- Path to project:
/var/www/html/UBERNET
- Path to executed file:
/var/www/html/UBERNET/tests/csvTest.php
- Path to intended folder for storage:
/var/www/html/UBERNET/csv
These are the permissions for /var:
drwxr-xr-x 13 root root 4096 May 8 2019 var
A brief recap:
I want to change permissions for /var if this does not pose a risk so I can store the csv file, but I don't know exactly how chmod works and how to apply it to /var.
If changing permissions is a bad idea, and you can think of any alternative, it would be most welcome.
Thank you for your time and help!
Solution
Change into the html/ directory and execute the following command:
chmod 766 UBERNET
You have now enabled reading from and writing to that folder. Only the owner of the folder can execute any file in the folder (if there are executable files), which should be fairly safe for your application.
Answered By - Jay Blanchard Answer Checked By - Candace Johnson (WPSolving Volunteer)
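One way to do what the question proposes, giving write access only to the csv folder while the rest of the project stays read-only, together with a check for world-writable entries (an added example, not part of the original question or answer). It runs on a constructed sandbox copy of the layout; the www-data group name is an assumption about the account the web server runs as.

```shell
#!/bin/sh
# Added example. Works on a throwaway copy of the layout from the question,
# never on the real /var/www/html/UBERNET.

# Build a constructed sandbox: <tmp>/UBERNET/{tests/csvTest.php,csv/}
make_sandbox() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/UBERNET/tests" "$sb/UBERNET/csv"
    : > "$sb/UBERNET/tests/csvTest.php"
    chmod -R u=rwX,go=rX "$sb/UBERNET"   # known starting modes: 755 / 644
    echo "$sb/UBERNET"
}

# List every non-symlink entry whose "other" write bit is set (777, 766, 666 ...).
world_writable() {
    find "$1" ! -type l -perm -0002 | sort
}

# Code stays read-only for the group; only csv/ accepts group writes.
harden_tree() {
    find "$1" -type d -exec chmod 750 {} +
    find "$1" -type f -exec chmod 640 {} +
    chmod 2770 "$1/csv"   # setgid so new CSV files inherit the directory's group
    # On the real host, as root (www-data is an assumed account name):
    #   chgrp -R www-data /var/www/html/UBERNET
}

# Symbolic mode string of a path, e.g. drwxr-x---
mode_of() {
    ls -ld "$1" | cut -c1-10
}

project=$(make_sandbox)
chmod 777 "$project/csv"                 # constructed "open" permissions
echo "before: $(world_writable "$project")"
harden_tree "$project"
echo "after:  $(world_writable "$project") (empty: nothing is world-writable)"
echo "csv: $(mode_of "$project/csv")  tests: $(mode_of "$project/tests")"
rm -rf "${project%/UBERNET}"
```

Parent directories such as /var only need the search (x) bit for the web server's account, which the drwxr-xr-x shown in the question already grants, so /var itself needs no change.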