Security on a shared hosting server

20, 2009 (utc 0)
I have a content management system that creates folders within my website home folders. Because PHP runs as user/group nobody:nobody, I have had to resort to using 0777 permissions on the folder (/home/myusername/public_html/thefolder). This is bad because it poses a security risk. I’m no *nix expert so I was wondering if someone could explain how easy it would be for someone to modify files within this folder. Have others had this same problem and could share a solution? The only idea I have would be to set the PHP script to run as myusername but I’m not sure that would be possible in a shared hosting environment.

dcompiled
#:3975821
5:42 pm on Aug. 20, 2009 (utc 0)
I think I have a solution that might work using the sticky bit. I read somewhere else on the forum it’s possible to set a directory to force permissions on all objects created within it.

Assuming I could get this working, I need to know if having a folder with group=nobody and user=myusername set with permission 0775 is any more secure than using 0777 permissions.

dcompiled
#:3976478
4:30 pm on Aug. 21, 2009 (utc 0)
bump..

SteveWh
#:3977344
7:53 pm on Aug. 23, 2009 (utc 0)
What I think is most important about this is that all this relates to activities on the server itself.

I’m not an expert on this, either, but my understanding is that with permissions at 777, it means that a PHP script on another website on your shared server (including a malicious PHP script, such as if that other site gets hacked) could potentially add/delete files in the folder, and might be able to modify any files in it that have permissions of 666.

777 doesn’t mean that anybody anywhere in the world can reach into your site and change files, unless they gain access to one of the sites there first, which is a whole other question. 777 makes you a bit dependent on the quality of the security of the other sites on your server. When PHP is running as nobody, I’m pretty sure there’s nothing you can do within your script to change that, so that’s not worth pursuing.

If the other sites are well maintained, you’re safer than if the server has 500 blogs all running outdated WordPress versions. I’m skeptical that the idea in your second post will solve the problem, but part of the reason I’m posting this reply is to make sure you get other replies. My reasoning is this: if you set the folder group to nobody, it means that PHP can write to it because it’s in the nobody group, but PHP running on anybody else’s site on the same server will also be running as nobody, so you haven’t actually added any security. It only has one identity, so there’s no way you can get PHP to modify your folders at some times but not others.

Or to put it another way, to get PHP to write to the folder, you MUST make it writable by PHP, but PHP runs as the same user no matter which website is running a script.
