------------ Original Message ------------ > Date: Saturday, October 04, 2014 13:50:30 -0400 > From: Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx> > To: php-general@xxxxxxxxxxxxx > Subject: Re: Re: hacked!! > > On 10/4/2014 1:35 PM, Christoph Becker wrote: >> >> As Richard has repeatedly said, this all depends on who owns the >> files/folders. See >> <http://en.wikipedia.org/wiki/File_system_permissions>. >> > And as I have repeatedly said - I do not know these things. It is > a hosted server and the admins there set this all up. I simply > use it - apparently a little weaker than it s/b. Actually, I've only seen you indicate that you don't know this detail in this and your immediately previous message. You should contract the server admins and find out the answers. If they have set things up so that each shared-host user has their own web server instance, running under the individual account user's id, then you need to decide if security really matters to you, or if you should find a different provider. Not all shared-host setups do the web server instance per user, but some do, and it's an important bit of information to know since there's almost nothing you can do to mitigate the security weaknesses of that type of setup. - Richard -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
