Bad file permissions when uploading a file

[jaimestuardo]

I think there is a bug when uploading an image (for example, the logo or product images).

Inside media folder, logo folder is created with 770 permissions. Below it, another folder is created again with 770 permissions. Finally, the image file is created with the same permissions.

I tried a lot to override that behaviour, at operating system level, however, whatever I do, the file is saved with those permissions.

The right is to create folders with 775 permissions, and files with 664 permissions.

Regards
Jaime

[jaimestuardo]

I have found the solution for this.

I have opened the file /vendor/magento/framework/Filesystem/DriverInterface.php and modified constants WRITEABLE_DIRECTORY_MODE and WRITEABLE_FILE_MODE to be 0775 and 664 respectively.

Since the main problem was solved, the Magento bug is other now. When I uploaded, for example, the logo of the site, the image file used the permissions WRITEABLE_DIRECTORY_MODE instead of WRITEABLE_FILE_MODE.

Any comments about this?

Regards
Jaime

[daim2k5]

Please see #2525 and/or #2412

[jaimestuardo]

Thanks but even those references are related, they are not the solution, and I will explain you why:

First of all, after installing Magento 2, I did all those posts tell. No problem with that.

The problem is after Magento was installed and tried to upload a file to media folder.

In my case, web sites are run by the apache user as normal, so, it is very easy to "chown" all files and folder to belong to apache user and webusers group. I did that way at first. So far, so good.

But the problem happens when I upload a file from the Magento administration interface. When a file is uploaded, the folders and files are created belonging to the user and group owner of the hosting account, and since web site is run as the apache user, for the newly uploaded file, "apache" user belongs to the "others" permissions group. That is why I needed the read permission for others.

That is why, I have opted to chown again the files and folders to the hosting user, set 755 for folders and 644 for files and finally, modified the file I have wrote above, so that for newly created files, apache could read successfully.

In summary, this problem is likely to exist in all servers that hosts multiple accounts (for example, hosting resellers, such as my case). In all hosting providers I have some experience with, I noticed that public_html folder, that is below each home folder account, assigns the same account user for all web files, and 755 and 644 permissions for folders and files,respectively. While, web sites are loaded by the apache user for all hosting accounts.

Regards,
Jaime

[davidalger]

If the only issue you have is due to the group being other va webusers, setting the setgid flag on the pub and var/generation directories will solve that. The permissions being set are being set by Magento and there is a duplicate issue open to deal with that, #2412. Closing as duplicate.