Just remember though, if you plan to use these scripts on a host/webserver, permissions will be a big deal. One of the big differences(problems) between Win and say unix/apache. Just something to remember...
Originally posted by ronnie Just remember though, if you plan to use these scripts on a host/webserver, permissions will be a big deal. One of the big differences(problems) between Win and say unix/apache. Just something to remember...
ronnie
are there any good resources online about this topic? any guidelines about what should and shouldn't be done security-wise with permissions?
It seems my post was taken a different way. While permissions can be a security issue. I was talking more about the difference in permissions on windows v.s. say unix.
What I meant, when using php locally in windows, there is no permissions. Meaning that you don't have to worry about files being writable. But now you get on your webserver under apache/unix and then your script that runs as "nobody" usually, can not write to files you uploaded by ftp, because it does not own them. I just went through this and it can be a pain.
My point was, while these scripts test great on windows. Or you make new scripts and they work wonderfull on windows, you put them on a host and you've got all kinds of new problems. If your scripts have to write to files, you will now have an un expected problem. Unless you now that ahead of time. Just one of the differences on how scripts work locally under windows, v.s. the real work enviorment.
Yes, security is a issue, it comes down to, you leave files open to be writable by anyone, any one could change your files for the worst.
Posting Permissions
Bookmarks