Running Yii Without 777?

Hello Yii community !

I was introduced to Yii 6 months ago by a course I had in my college. So far I had no major problems with it, until now:

I’m developing a CRM for some small company which server is on “Linux-Hosting” company.

When I created the starting app locally and moved it, together with the Yii folder to their root directory (domain/www/html) I got the message of :

"Application runtime path "/html/VolApp/protected/runtime" is not valid. Please make sure it is a directory writable by the Web server process."

Now usually , on my college server I went to one of the pc’s there , found the directories and made them writable.

Here, however , after downloading Filezilla and changing the chmod from 755(or 775) to 777 the server is blocking me with "Sbox" error.

I contacted the company’s technicians who told me that turning a file into 777 is a serious security flaw and they can’t allow it , and that it is YII’s problem.

So , any ideas how can I run Yii in a 755 ? (775 also says the directory is not writable)

I’d be very glad if someone could help me cause it’s part of my final Engineering degree project.

Thanks,

Mark.

I suppose you have only two options:

  • either your webserver runs under the same user as ssh/ftp

  • or you have to set 777.

Ask your technicians how you’re supposed to upload files from web application to your web folder, maybe there are some other options available.

Hello Orey and thank you for your reply.

Unfortunately, this particular server doesn’t allow 777 , so I can’t do much about it.

I’m uploading files directly through the server file manager or with FTP program (FileZilla)

The interesting thing is: The technicians say that “Wordpress” works fine on the server, though as far as I know , it requires 777 as well.(don’t have the means to check that)

Mark.

Probably webserver works under regular user, thus you need 755

Btw if you’re able to create folders from php script, then the problem is solved.

Hello,

Well, I have no problems uploading files through joomla nor wordpress upload.

I never had to change anything to 777.

I fear I haven’t understood that.

Would you mind explaining a bit more?

Thanks,

Mark.

Here’s how it works.

The folder is accessible to webserver for writing if

  1. server runs under the same user that created the folder, and folder is 7xx

OR

  1. server runs under the same group that user belongs to, and folder is 77x

OR

  1. folder is 777

When you upload the folder via ftp/ssh, it belongs to user.

When you create the folder from your web application, it belongs to server.

So if you create the folder from web app (mkdir), it will be writable to web server.

I wonder if Yii can recreate runtime folders in case of deletion, never tested that. But definitely you should give it a try.

(rename you runtime to runtime.old and open any site page)

Btw if Yii doesn’t recreate the folders, you can write a simple php script that creates these folders, and run it from your webroot.

In this case folders will belong to user under which webserver is running.

PS. there is more on that, mod_php vs cgi, but let’s not discuss it for now.

Ah , lol. I really feel stupid now: I don’t know how, but the runtime folder was missing from the app , together with 2 more folders.

Have no idea how it happened cause i zipped the entire app folder.

Anyway , I uploaded a new one with Filezilla and now it works well without 777.

Thanks and sorry.

Mark.