homepage Welcome to WebmasterWorld Guest from 54.197.183.230
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
777 security
php create file
copongcopong

10+ Year Member



 
Msg#: 1019 posted 12:01 am on Dec 3, 2002 (gmt 0)

I been working on a php script that creates a file if the it does not exist. (fopen("w")) however, it would only work if I set the folder that would hold the created file to permission 777.

i am wondering if there is a security issue that i need to account in doing this?

btw if i attempt to check the folder (set to 777) via the site (e.g. www.abc.com/folder/) it will still not list the files there and give the forbidden error message. Does that mean it safe for me to use 777?

thanks.

 

EliteWeb

WebmasterWorld Senior Member eliteweb us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 1019 posted 12:34 am on Dec 3, 2002 (gmt 0)

Depending how your webserver is setup depends on what can happen and of course the permissions of the account and who its owned by. 777 gives full permissions, if the program using the permissions is 'secure' than you should be alright, but you also have to look at LOCAL security to ensure other users on the box will not be able to manipulate information.

copongcopong

10+ Year Member



 
Msg#: 1019 posted 12:54 am on Dec 3, 2002 (gmt 0)

just to add ... my php is configure at safe mode if that matters.

:)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved