I have app wrote in php that saves and reads sensitive information into file /sensitive/sensitive.txt
. File that is saving and reading sensitive information is user.php
. The whole app is in a separate folder.
Ideally only root user could read the sensitive file. I want to make sure that even if there is some malware file inside ftp created by apache or ftp user in past, it won't be able to read the sensitive file through file_get_contents function.
The problem is that the file is created and read with user.php on http request and as result the file owner becomes user apache. Even if I could change owner of this file to root, the next problem is that user.php won't be able to read the file when http request is triggered because this will be apache user executing the user.php file and thus apache user reading the sensitive file.
Is there any solution to this problem? How could I let user.php to read/write the sensitive file on http request but not allowing any other file to read it?