I've got a script that outputs a file to the disk. Now I will get a "Permission Denied" unless the directory it writes to is 777.
I thought that since the script was running on the server, it wouldn't need "World write" privileges, but it does. ???
I'm concerned about security - I don't like leaving directories as world writeable (even though I'm not too sure of the implications).
Thanks for the help.
I don't know why that would be necessary, but if you make the previous directory readable only to you, it won't matter that everyone can write to the lower directory, because they won't be able to get to it.
It needs to be world writeable because, in general, PHP is run as an Apache module. Therefore, your PHP script runs as (usually) "nobody". "Nobody" doesn't have permission to write to a directory you created unless it's world writeable.
(I suppose you could create the directory as "nobody", but then you wouldn't be able to do anything to it except through PHP)
I'd suggest a 707 instead of 777 if you're on a shared environment
What are the implications of these permissions as it applies to security? Should I be worried?
Or should I be concentrating on protecting my scripts with PHP authentication?
OK, here goes:
Ideally the script should be chmod 755, then the script should be chgrp nobody or whatever user you web server runs as. If you need to output multiple files then the best bet would be to do the same process above to the directory the files are written to. You may need your web host to this for you as your username will not be placed in the nobody group.