On 16 ago, 14:16, Super Steve <[email protected]> wrote: > What are your recommendations for setting permissions on a directory > so I can allow my PHP scripts (run by Apache) to write to the > directory but without resorting to setting the permissions to 777 > which allows anyone to write to the directory? Should I be changing > the owner or group on the directory? If so what should I be changing > it to and how should I change this since I don't have telnet access? > I would still like to have full FTP access to the directory as well.
Sorry for the late reply. Short answer, there's no (easy practical) way to accomplish that when the PHP handler is mod_php . If you are worried about security you should move or get the PHP handler changed to FastCGI or suPHP, as with these handler PHP scripts run with the authority of the associated FTP users, avoiding these permission conflicts while keeping the security tight. Using mod_php is not a big security issue in a dedicated server but I would be worried in a shared server, because malicious scripts in other domains can access your files. -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected]
