How can they write or edit files there without having ftp access or the site's file manager?
Tijnema ! wrote:
On 5/18/07, Al <news@xxxxxxxxxxxxx> wrote:
I'm on a shared Linux host and have been wondering about security and
directory "other" ["world"] permissions.
The defaults are 755. The 'others' [world] can read them only.
Is there a security hole if a dir on the doc root if a directory has
permissions 757?
If there is a security problem, what is it?
Thanks...
If you have a directory with 757 permissions, "world" can create new
files there.
And if you give files 757 (or 646) permissions, then "world" can edit
that file.
So if you have a doc dir, you probably don't want extra files there.
It's not really a security problem, but if somebody notices it, he
might write files there.
Tijnema
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
