SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Addict
    Join Date
    Oct 2009
    Location
    London, UK
    Posts
    382
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Permissions, permissions, permissions

    Hi there,

    I'm creating a CMS for a photographer in PHP. She wants to create and delete galleries, which means creating new directories and copying files on the server.

    Whenever I create or copy a file or directory, by default its permissions are set to something like 0755 by default, but in order to delete directories and files I need their permissions to be set to 0777. My question is, are there any inherent security issue with doing this? Am I setting my self up for trouble down the road if some vagabond decides to start deleting my photographers galleries?

    Many thanks,
    Mike

  2. #2
    Twitter: @TimIgoe silver trophy TimIgoe's Avatar
    Join Date
    Feb 2005
    Location
    Blackpool, UK
    Posts
    1,058
    Mentioned
    27 Post(s)
    Tagged
    1 Thread(s)
    The potential risk is if something or someone else with access to the server wants to do something destructive, the better answer is 0775 and make sure your client is in the same group (permissions are, User, Group, Everyone) - allowing Everyone isn't a good plan, but allowing a controlled group is fine.

  3. #3
    SitePoint Addict
    Join Date
    Oct 2009
    Location
    London, UK
    Posts
    382
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Ok, thanks.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •