chmod problem when creating a file in web script

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


This is a web based Perl script.

I need to allow the user to create a small file under
/home/ - already chmod 0755.

I have tried chmod  in the Perl script to change  the permission to write -
then back to read

my $filename='/home/';
chmod  (0777,$filename); # allow writing
open (DAT,">$filename");
print DAT "$whatever";
chmod  (0755,$filename); # safely back to read only

but I get permission denied.

I don't want 0777 anywhere because of security issues. How do I get around
the final 7 in 0777?


Re: chmod problem when creating a file in web script

Quoted text here. Click to load it

Does this file really need to be executable?

Quoted text here. Click to load it

From where? None of the lines above do any error checking, so is this
not your real code? Have you seen the Posting Guidelines?

Assuming the error is from the chmod, you can't chmod a file unless you
own it (for obvious reasons). I don't quite know what you're trying to
achieve here, but I suspect you're going about it the wrong way

Quoted text here. Click to load it

What 'security issues' do you think are prevented by this? Apart from
anything else, had the code above worked you would have had a window
where the file *was* 0777, completely removing any potential security
benefit from chmoding it back to 0755 afterwards.

Oh, and (as usual):
    Check the return values of your system calls.
    Use three-arg open.
    Keep your filehandles in variables.
    Explicitly close any file opened for writing and check for errors.
    Don't uselessly quote variables.

    open (my $DAT, ">", $filename)
        or die "can't open '$filename': $!";
    print $DAT $whatever;
    close $DAT
        or die "can't write to '$filename': $!";

You could also use the 'autodie' CPAN module (core as of perl 5.10) to
do all the 'or die's for you.


Site Timeline