Look in you apache.conf file and find out what user the web server runs
as, then give that user the right to write to that directory, probably
through a group used for nothing else is most secure.
Brian Mauter wrote:
>To get around this, I made a small shell script which runs as root. The php
>page calls the script via the system call. All the shell script does is
>move a specific file from tmp to a specific location.
>I'm probably asking for someone to exploit it, but I don't know exactly what
>they can do.
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]