 |
 |
Find a programming school near you
php-db | 2000121
Date: 12/14/00
- Next message: Larry Rivera: "[PHP-DB] re: Dire Permissions"
- Previous message: Rouvas Stathis: "Re: [PHP-DB] R: [PHP-DB] Compiling with Oracle(8) Support"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
I am trying to create an upload/admin script for authorized
users to add (and manage) files that are viewed by others.
The scripts for managing this are stored in one subdirectory,
the files are stored in another subdirectory.
- Why do I have to set 777 permission for the file directory
to upload? Specifically why do I have to give execute
permission to write files? And is this dangerous, since
if there is a security hole on uploading, someone could
upload and execute a malicious script? I really want to
set read and write permission to that directory, and restrict
write permission to authorized users.
- Is setting 777 dangerous for directories that users
have access to? What restriction should I have here?
The internet security faqs seem to focus a lot on firewall
theory and I can't find a specific answer to this.
Thanks,
Scott at scott <email protected>
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: php-db-unsubscribe <email protected> For additional commands, e-mail: php-db-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Larry Rivera: "[PHP-DB] re: Dire Permissions"
- Previous message: Rouvas Stathis: "Re: [PHP-DB] R: [PHP-DB] Compiling with Oracle(8) Support"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
