permissions

A

Anonymous

Guest
Hi

I've built a CMS ... I need to be able to upload images, however for that to happen, I need to cmod the images directory 777 no? What type of danger am I opening myself to if I keep the directory open with those sort of permissions?

If I FTP I can set the folder permissions, from php the cmod function does nothing. Any suggestions for how I can allow uploading without keeping a folder open with 777 permissions?
 
keep a folder below the public_html for your images that will allow you to have a little safer 777 folder. Only other way around that is to run the webserver as the user.

Check out http://suphp.org or http://httpd.apache.org/docs/1.3/suexec.html

note: for suPHP and suEXEC to work you must be using the CGI version of php..
 
You must log in or register to reply here.
Back
Top