Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: create file outside home directory

  1. #1
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default create file outside home directory

    how can i append my vhost list, which is outside of my home directory
    from the diagram below, is it possible from myfile.php to affect httpd.conf using fopen?

    Code:
    root
    |-var
    |  |-www
    |     |-html
    |        |-myfile.php
    |				
    |-etc
       |-httpd
           |-conf
              |-httpd.conf
    Code:
    $Handle = fopen("httpd.conf", "a");
    $Data = "some string"; 
    fwrite($Handle, $Data); 
    fclose($Handle);
    Last edited by ggalan; 01-03-2012 at 09:17 PM.

  2. #2
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    1. httpd.conf is not a string. It should give a warning (which might not be shown) and may default to that value as a string, but don't rely on it. You should be using quotes around it.

    2. You can get to the higher level file in either of the following ways:
    ../../../../ect/httpd/conf/httpd.conf (relative)
    /etc/httpd/conf/httpd.conf (absolute)

    3. You should NOT be modifying your server's configuration from PHP. A well-designed server should not allow this (file permissions), but even if it does, this is incredibly dangerous.
    On a more technical note, I doubt it would work. I expect that you'd need to restart the server (or at least reset something) for the new configuration to take effect, so you couldn't actually do this using PHP unless you also restarted the server at the same time.

    At the very least, this should absolutely only be on very strongly protected admin pages in case you need to do something important to your server (for example, block all requests while you try to stop a hacker).

    4. Also, if this is a serious piece of code, what you're doing would probably completely crash the server. You would need to parse the httpd.conf file then modify a certain part of the file in a valid way. Just adding some text to the end (or replacing the whole file with random text) is a great way to cause severe problems. Of course you could technically do this with PHP (in terms of editing a file), but it would need to be a lot more complicated than what you've shown here in terms of setting up the content for the file. The easiest way could be to design a template for the file then insert some values using PHP into it. I'd also strongly recommend replacing the entire file rather than just adding some content to the end-- as I said, that probably won't work. But in order to do that, you'd first need to get the current values and/or generate a full httpd.conf settings string.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  3. #3
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    appending vhost to a conf file doesnt seem like such a big deal
    apachectl graceful will reload the file

    also this can be an included file from the main conf
    Last edited by ggalan; 01-03-2012 at 06:13 AM.

  4. #4
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    Technically, there's nothing wrong with it. I still think it may be a little awkward to get it running again (you have to reset the server somehow, right?), but generally it should be fine.

    But as I said, the real issue is that if you make a mistake (or if someone manages to hack your PHP and take control of what is added), this can easily break everything. If there's a typo, the server may stop working until you fix it manually.

    This is something like robots doing heart surgery. If it works, it's a great idea. But a typo is very, very bad.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  5. #5
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    good point, i guess i will need regex to tightly control how this file gets made
    ive seen lots of automation like this, didnt think much of it at the time

  6. #6
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    but getting back to my question, i cant seem to create files outside of the html directory using php. i guess i would need bash script or something lower level to manipulate the entire process

  7. #7
    Join Date
    Jan 2012
    Location
    London, United Kingdom
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Quote Originally Posted by ggalan View Post
    i cant seem to create files outside of the html directory using php.
    That's more than likely down to your directory permissions. Chmod the required directory to give your script read/write/execute access.

  8. #8
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    i have the www directory as
    Code:
    sudo chmod 777 /var/www/
    but cant make anything outside of html

  9. #9
    Join Date
    Jan 2012
    Location
    London, United Kingdom
    Posts
    10
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Yes that should allow you to write to /var/www/

    say you want to write to any subfolder in /var/www/ you would need to add a -R to your chmod commad to give it recursive permissions e.g
    Code:
    sudo chmod 777-R  /var/www/
    If you're wanting to write to say /var/someotherfolder/ you need to make sure that directory too has the appropriate directive access by chmoding it.

    Be warned when changing directive permissions in that you don't affect the security of your application.

  10. #10
    Join Date
    Jan 2008
    Posts
    441
    Thanks
    67
    Thanked 4 Times in 4 Posts

    Default

    is it possible to create a directory called "conf.x" inside httpd
    and give conf.x 777
    while httpd has 755
    and write into conf.x
    ?

    re: it seems to work
    Last edited by ggalan; 01-03-2012 at 06:47 PM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •