Results 1 to 3 of 3
Aug 27, 2003, 13:05 #1
Security Issue - need to be clarify
I am currently creating a website that will be utilizing PHP, especially the administrator control panel. The administrator will be able to upload new files and to the server through these PHP scripts into designated folders. A concern came about to me the other day that got me confuse. The PHP pages will be either protect by another login script with cookie information or by .htaccess. But what will protect the folders that will contain files the admin uploaded for the general public to view. For example the site contains a picture gallery that is open to the public to see. The admin uploaded the file into the folder, where that folder was probably set to CHMOD 777. By having this folder set to write, does this allow other visitors to place files in there. I hope I explain this clearly. Please respond very confuse person here
Aug 29, 2003, 07:50 #2
- Join Date
- Oct 2000
- Austin, TX
- 0 Post(s)
- 0 Thread(s)
It doesn't allow visitors to put files in the folder, but it does allow other users on the server to put files in that folder, or delete files that have been uploaded. If possible you should change the group of the folder to www (chgrp) and chmod it as 775.ck :: bringing chris to the masses.
Aug 29, 2003, 08:33 #3Originally Posted by Anarchos
Do you by any chance have or know (even a thread) a place where i can get a complete layout of all the "Chmod" commands and what they do ?