mkdir() and safe_mode

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I ran into the commonly known problem that under safe_mode it is  
possible to create a directory with mkdir(), but impossible to create a  
subdirectory inside the first one:

1 $path = $_SERVER['DOCUMENT_ROOT'].'/cache';
2 mkdir($path, 0755);
3 chmod($path, 0777);
4 mkdir($path.'/subdir', 0755);

Line 2: works (fails with 0777, though...)
Line 3: works
Line 4: Warning: mkdir() [function.mkdir]: SAFE MODE Restriction in  
effect. The script whose uid is 10677 is not allowed to access  
[...]/cache owned by uid 48 in [...]

Now while googling I found out that the directories must be created via  
FTP, as they belong to the FTP user. I am able to do this, but when the  
ftp server is busy this can significantly slow down the system.

Are there some better recommendations how to handle this? If not, as  
most web sites in shared hosting environments (where safe_mode is an  
issue at all) are uploaded to the server via FTP, the mkdir() function  
looks quite useless to me...

Thanks for a comment!

Re: mkdir() and safe_mode

Markus wrote:

Quoted text here. Click to load it

You could :

1. Ask your hosting company to change the ownership of your folders to  
48 (typically apache or www-data).
2. Ask your hosting company to use suPHP
3. Move to one of the thousands of shared hosting environments that have  
seen sense and don't use safe mode, they use other security  
implementations that are much better.

Andrew Hutchings - LinuxJedi -
Windows is the path to the darkside...Windows leads to Blue Screen. Blue  
Screen leads to downtime. Downtime leads to suffering...I sense much  
Windows in you...

Re: mkdir() and safe_mode

Andrew Hutchings schrieb:
Quoted text here. Click to load it
Thank you; anyway I try to make my application work without server-side  
modifications in commonly available hosting environments (well,  
LAMP-based ones...), so my task is still to make it safe-mode compatible.

Re: mkdir() and safe_mode

Markus wrote:
Quoted text here. Click to load it

The classic way to work around a "safe mode" is to create your php files  
dynamically instead of uploading them. I.e. you upload one single  
"unroll" script that generates all worker scripts and saves them to  
files. Since those generated scripts are owned by apache, they won't  
have any trouble accessing files that they create.

gosha bine

extended php parser ~
blok ~

Re: mkdir() and safe_mode

gosha bine schrieb:
Quoted text here. Click to load it

Thanks, I will keep this in mind - I already thought of trying to build  
a convenient installer for my application as soon as I have time; and  
with this background that will be even more desirable.

Site Timeline