Results 1 to 3 of 3

Thread: Is this permission safe?

  1. #1
    Join Date
    Feb 2008
    Location
    Sri Lanka
    Beans
    242
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Is this permission safe?

    In order to create CSV files using php, I have had to give the 777 permission to my folder /var/www/Proj.

    It works fine. But my question is if this is safe? If this were a public domain, wouldn't it mean that anyone visiting this folder will have RIGHT permissions to it?

    Any thoughts on this would be really appreciated.

    Thanks!
    In the past I built solutions looking through a Window. But now I see how big the world is.

  2. #2
    Join Date
    Dec 2009
    Beans
    Hidden!

    Re: Is this permission safe?

    well...if someone was able to inject code into your site then they could potentially overwrite everything in that entire tree...

  3. #3
    Join Date
    May 2006
    Location
    Boston
    Beans
    1,909
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Is this permission safe?

    you can create a subfolder where you keep you CSV files and apply to it the 777 permisions. this way your root-site folder can have limited access permisions like a 755 or even less.

    blog
    Donations BTC : 12FwoB7uAM5FnweykpR1AEEDVFaTLTYFkS
    DOUBLEPLUSGOOD!!

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •