 |
 |
Find a programming school near you
php-db | 2001011
Date: 01/08/01
- Next message: Julio Cuz, Jr.: "[PHP-DB] PHP Recompile"
- Previous message: Steve Bern: "[PHP-DB] Re: Open Client"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 14 Dec 2000 14:53:49 -0500, you wrote:
>Hello,
>I am trying to create an upload/admin script for authorized
>users to add (and manage) files that are viewed by others.
>The scripts for managing this are stored in one subdirectory,
>the files are stored in another subdirectory.
>
>- Why do I have to set 777 permission for the file directory
>to upload? Specifically why do I have to give execute
>permission to write files? And is this dangerous, since
>if there is a security hole on uploading, someone could
>upload and execute a malicious script? I really want to
>set read and write permission to that directory, and restrict
>write permission to authorized users.
>
>- Is setting 777 dangerous for directories that users
>have access to? What restriction should I have here?
>The internet security faqs seem to focus a lot on firewall
>theory and I can't find a specific answer to this.
>
>Thanks,
>Scott at scott <email protected>
If you mean 'write' files being the text files, make them '.txt' files.
Put and get can deal with them and you can 777 each .txt filename you will be
writing to.
---- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: php-db-unsubscribe <email protected> For additional commands, e-mail: php-db-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Julio Cuz, Jr.: "[PHP-DB] PHP Recompile"
- Previous message: Steve Bern: "[PHP-DB] Re: Open Client"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
