Handle write permissions in ubuntu for uploads or code generators

Usually we need to change directory/file permission to able to write files. This may be for uploads directory or code generation tool. But most of the time some developers do bad thing, that the give permission 777 to the directory/file and get work the done.

sudo chmod -R 777 /path/some-directory

Here the script which throws the write permission error, now executes smoothly as it has got the 777 permission. But here we compromised serious security risk. Permission 777 means that is read/write/execute to everybody in the system, thus creating loop hole for security.

Instead of assigning permission 777, we can assign 775 and add the user who runs the script(which thrown the permission error) in the user group of the directory/file.

Following command adds given user (userName) to particular group (groupName)

sudo usermod -a -G groupName userName

Above will add user which runs the script to the group of users of directory/file which need write permission. Here I am assuming that your directory/file already has write permission i.e. user group has writable permission. You can also check members of user group from file “/etc/group”.

For web applications where Apache is the web server, you can add “www-data” to group of users. For PHP yii framework you need to set writable permission to some directories while development so that code generators can work.

This was just to give alternative way(good) to the developer who quickly give 777 permission to avoid/fix permission error. There are many more things you need to care when you think from security aspect. Avoid globally write is surely one of them.

Happy coding 🙂

 

 

Some ref.

https://help.ubuntu.com/community/FilePermissions
http://askubuntu.com/questions/79565/add-user-to-existing-group
http://www.cyberciti.biz/faq/linux-list-all-members-of-a-group/

Passing variables from PHP (Server-side) to Javascript (Client-side) in Yii.

There are many occasions on which we need to pass some php variables to javascirpt, like application’s base-url as base path for Ajax requests or Application’s information.

We need to embed php code lines in js, wherever we need some php variable value.

<script type=”text/javascript”>
var applicationBasePath='<?php echo Yii::app()->request->baseUrl; ?>’;
// Some javascript code using applicationBasePath
</script>

If we want to keep js code in javascript files only, instead of embedding php code in javascript.

I think, what better we can do is that, we can create global js variables at one place and use in any javascript code on the page.

$clientScript=Yii::app()->getClientScript();
$clientScript->registerScript(‘MyApplication’,’var MyApplication=’.CJSON::encode(array(‘baseUrl’=>Yii::app()->request->baseUrl).’;’,CClientScript::POS_HEAD);

This will create MyApplication as global variable in javascript which will be accessible all the scripts on current page.

Here we have to carefully choose the names of global js variables (like MyApplication which I have used here) in order not to match with any other variable in javascripts on the page.