1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 7:02 am May 2, 2026

Forum Moderators: phranque

Message Too Old, No Replies

permissions issue

         

iambic9

1:21 pm on Feb 10, 2010 (gmt 0)

10+ Year Member



I'm having some difficulty setting up some file folder permissions and just need to check what I'm doing isn't dangerous or stupid!

We're on a dedicated virtual server, safe mode is off, no other sites on this server, Apache (some version) and PHP 5x. We're trying to write to a cache file but no matter what.. the only way I can do it is if I set the folder to be world writable!

Can anyone take a wild guess as to why this might be? and is it a security issue?
Our site files sit in a httpdocs folder, this is set to 750. I've kind of always assumed 777 was like leaving the door wide open. The Cache folder is owned by "ourusername" and the group is "psacln"<(--- not sure who that is, but it might be relevant.

I think it has something to do with what apache is running as...

Basically I'm just trying to work out whether to sweat a little or give our app 777 where it needs it, but I don't want to open up a security issue.

Thanks!

[edit]spelling[/edit]

jdMorgan

2:01 pm on Feb 10, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Of course you don't want that file to be world-writable -- or any file, for that matter.

I suggest that you ask your host or server admin about the permissions and process "owners" on this server -- What runs as who, and when.

In a pinch, your app could chmod the file to make it writable, open it, write to it, close it, and then chmod it back to 'protected'. But really, 'security' has to start with the basic server configuration. On a VPS, I wouldn't expect such problems, but you might indeed need a dedicated managed server if you stay with this host and their 'standard' server configuration.

Jim

iambic9

2:58 pm on Feb 10, 2010 (gmt 0)

10+ Year Member



OK thanks, I had a feeling it was wrong but needed to be sure before I started telling people this is set up wrong, I did think of modifying the permissions where needed, but this is a relatively complex app and we'd be doing it everywhere all the time to the point where it would get a bit silly, thanks for your input, we need to work this out with a server admin by the looks of things.

I won't say who as per the TOS, but you might find JQuery amongst others hosted there, and I figured things would be setup correctly because they're not one of the cheap hosts, which left me wondering if world writable was OK in some configurations.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 7:02 am May 2, 2026