I am running a PHP+MySQL site on a LAMP Ubuntu cloud server (Amazon EC2). I use PHP sessions.
For every session (SID), I need to create a temporary folder which is a subdirectory of www and has the session ID as its name (unpredictable, therefore cannot be pre-created). For example: /var/www/fileStore/s35S10nT3Mp/.
I will later access files in these folders from a JavaScript (client-side) function.
I am working under the assumptions that:
- anything executed (or called) by the PHP code will run under the user www-data (Apache PHP user)
- client-side JavaScript cannot access a subdirectory OUTSIDE www (for example: /var/outsideFileStore/s35S10nT3Mp/, where webroot = public_html = /var/www)
I have a security issue with giving user www-data write permissions in a subdirectory of www, because that leaves the server and data in these folders too exposed.
I would like to know if a PHP session can trigger (or call) a server script / process that runs under another user (who would receive write permission in /var/www/fileStore/), not www-data. This process would then create (and garbage collect) these temporary folders.
Corollary: in case this cannot be done under Apache, would Tomcat help (if I ran PHP under Java as opposed to http_server)?
You could compile an executable with the identity bit, owned by this alternate user. The PHP script would exec this program, which in turn could simply run the actual PHP script of your choice.
The program could be written in Perl as well — it’s the only scripting language that Linux systems permit to have the identity bit.
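The helper the answer describes, as an added example that is not part of the original answer: a small C program meant to be installed owned by the alternate user, which creates one directory per session and refuses anything that could leave the base directory. It assumes alphanumeric session IDs; `valid_session_id`, `make_session_dir` and `MAX_SID` are names chosen for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>

#define BASE_DIR "/var/www/fileStore"  /* path from the question */
#define MAX_SID  128                   /* assumed bound on ID length */

/* Accept only [A-Za-z0-9] so the name cannot contain '/' or ".." and
 * escape the base directory. Returns 1 if acceptable, 0 otherwise. */
int valid_session_id(const char *sid)
{
    size_t n = sid ? strlen(sid) : 0;
    if (n == 0 || n > MAX_SID)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)sid[i]))
            return 0;
    return 1;
}

/* Create base/sid. Returns 0 on success, -1 on a bad ID or if the path
 * already exists, so a pre-planted directory or symlink is never reused. */
int make_session_dir(const char *base, const char *sid)
{
    char path[4096];
    if (!valid_session_id(sid))
        return -1;
    if (snprintf(path, sizeof path, "%s/%s", base, sid) >= (int)sizeof path)
        return -1;
    umask(022);                     /* owner writes, everyone else reads */
    return mkdir(path, 0755) == 0 ? 0 : -1;
}

int main(int argc, char **argv)
{
    /* argv and the environment come from the unprivileged caller:
     * clear the environment and use only the validated ID. */
    extern char **environ;
    static char *empty_env[] = { NULL };
    environ = empty_env;
    if (argc != 2 || make_session_dir(BASE_DIR, argv[1]) != 0) {
        fprintf(stderr, "session directory not created\n");
        return 1;
    }
    return 0;
}
```

Because the helper does only this one task with a fixed base path, www-data gains no general write access to /var/www/fileStore/ even though it can invoke the program.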