I have some PHP scripts which allow uploading of files and storing of those files inside the docroot somewhere. I cannot store the files outside of docroot!!!
PHP is also running as user: apache
For the reasons above I have been trying to figure out a secure alternative using shell scripts.
My plan is to create several shell scripts:
- movefile.sh
- deletefiles.sh
- createfolders.sh
The idea is to hopefully have PHP invoke each of these shell scripts programmatically as the need arises. After PHP uploads a file from the browser it needs to move it to a directory inside the docroot, something like:
var/www/uploads/
I figured I could store files inside uploads with the permission 755. The problem is PHP is user: apache and if it's responsible for creating the directories/files that means they are not secure from tampering from the outside world - I think anyways.
So what I was thinking: If it's possible to create the above shell scripts and have them run as a different user than "apache" (or whatever it's run as) such as a "shell". So long as the shell scripts are the owners of the files/folders then writing to them any other way with permission 755 is impossible (especially from the outside world).
My question becomes, is there a way I can make a shell script run under a specified user when invoked from PHP or does the shell script inherit PHP's attributes, thus becoming user: "apache".
I've poked around Google and found a few articles and it seems possible by setting the script SETUID flag???
Now you're familiar with my situation, what can you recommend? Is this possible?
I am aware it's possible to run PHP as its own user (phpsuexec or CGI) but because most LAMP setups have PHP run as an Apache module I'd rather the shell script approach if possible.
Cheers
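
A sketch of the movefile.sh helper planned above, added as an example and not part of the original post: since the caller is PHP running as apache, the helper treats both arguments as untrusted and creates the stored file itself so it is owned by whichever user runs the script. The `UPLOAD_ROOT` default, the file-name policy, the 644 mode and the return codes are assumptions.

```shell
#!/bin/sh
# movefile.sh (added example, not from the original post).
# Assumed upload directory; override through the environment for testing.
UPLOAD_ROOT="${UPLOAD_ROOT:-/var/www/uploads}"

# movefile SRC NAME: store SRC inside UPLOAD_ROOT as NAME.
# Returns 0 on success, 2 on rejected input, 1 if the file cannot be created.
movefile() {
    src=$1
    name=$2

    # The caller is untrusted: accept a bare file name only.
    case $name in
        ''|.*|*/*) return 2 ;;          # empty, dot-files, any path separator
        *[!A-Za-z0-9._-]*) return 2 ;;  # outside a conservative character set
    esac

    # The source must be a regular file, not a symlink, directory or device.
    [ -f "$src" ] && [ ! -L "$src" ] || return 2

    dest=$UPLOAD_ROOT/$name

    # noclobber (set -C) makes the redirection fail if anything already
    # exists at dest, so an existing file or symlink is never overwritten
    # or followed. Writing through a redirection also means the new file
    # is created by, and owned by, the user running this script.
    (set -C; cat < "$src" > "$dest") 2>/dev/null || return 1

    # Assumed mode: readable by the web server, writable only by the owner.
    chmod 644 "$dest" || return 1

    # Remove the temporary upload now that the copy is in place.
    rm -f -- "$src"
    return 0
}

# Stand-alone use: movefile.sh /path/to/tmpfile stored-name
if [ "$#" -eq 2 ]; then
    movefile "$1" "$2"
    exit $?
fi
```
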