Re: Using system call + wrapper?

> I am trying to allow people to save images from their file system to a
> directory on my machine called images, for example the path that I want to
> save to is /usr/local/apache/htdocs/project/images/.
>
> Obviously from above I am using an Apache web server, PHP and PostgreSQL.
> My problem is that you need sudo access to save anything to this
> directory so I get a "Permission denied..." error on the browser. I want
> to save the image to the images directory and save the path to a table in
> my database, however I can do neither in the current situation.
>
> It was suggested to me to use a wrapper that invokes a system call such as
> system('sudo upload.php -p password') that will run the program in sudo
> but I really don't know where to start with this??

The easiest thing to do is allow the web server write access to the upload
directory or perhaps some creative use of sym links would work.. This one is
a little out there but you could also save the files in a temporary
directory and have a cron job every minute or so go through and copy
everything in that directory over to the one you need the files in. If
you're using PHP as an apache module then I don't think you can run a single
script as a different user, though you might want to check on apache's
su-exec functionality for CGI scripts.. If you're running a CGI you could
always use the ever-so-insecure suid bit solution but I would suggest
against it..

Good luck!

-Mitch