PHP :: Bug #13247 :: Move_uploaded_file set wrong user and wrong group

Bug #13247	Move_uploaded_file set wrong user and wrong group
Submitted:	2001-09-11 09:23 UTC	Modified:	2001-10-08 08:58 UTC
From:	linux at infomaniak dot ch	Assigned:
Status:	Closed	Package:	Unknown/Other Function
PHP Version:	4.0.4pl1	OS:	Cobalt OS
Private report:	No	CVE-ID:	None

View Developer Edit

[2001-09-11 09:23 UTC] linux at infomaniak dot ch

Here is my configure line :

'./configure' '--with-mysql' '--with-gd' '--with-ttf' 
'--enable-bcmath' '--enable-calendar' 
'--enable-memory-limit' '--enable-safe-mode' '--with-imap' 
'--enable-ftp' '--enable-sockets' '--with-apxs'

The script that is used is as simple as :
<?
@move_uploaded_file($file, 
"/path/to/my/directory/filename");
?>

My Apache webserver runs as user and group httpd.
Now the really annoying thing is that whenever my customer 
or myself upload a file, the uploaded file is correctly 
moved but the ownership is set to httpd.root ( user httpd 
and group root ) Now this is a real big problem for my ( 
even without considering the security hole it represents ) 
because my customers cannot manage to erase these files 
anymore afterwards via FTP, because their uid will not let 
them touch these files.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-09-11 10:29 UTC] hholzgra@php.net

i'm pretty sure php doesn't touch your file ownerships

more likely you have either root as primary group for
user apache in /etc/passwd or sicky bits set for the
directory ... ?

[2001-10-08 08:58 UTC] sander@php.net

No feedback. Unlikely to be a bug in PHP. Closing.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Fri Feb 20 21:00:01 2026 UTC