SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Evangelist
    Join Date
    Nov 2003
    Location
    England
    Posts
    540
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    File Upload Security?

    Hi all,

    I have an image upload script, and to make it work i've had to change the permissions on the upload directory to allow write to all..

    However, im concerned about the security implications of this, after all, anyone can now write to my directory.

    What is the best method to solve this, can I change directory permissions from php in order to save the file, then set permissions back, have I got the wrong set of permissions? what other options are there?

    Thanks in advance,
    Matt.

  2. #2
    SitePoint Evangelist Andrewaclt's Avatar
    Join Date
    Dec 2003
    Location
    Raleigh, NC
    Posts
    535
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Put the folder and the script in the same group and set the permissions that way, assuming your under unix variant. Also make sure the script only accepts image file extensions...


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •