In article <[EMAIL PROTECTED]>,
 [EMAIL PROTECTED] (Craig Henderson) wrote:

> Today a hacker managed to overwrite the text file I was using to
> store all the messages, which really isn't that big a surprise considering
> the permissions to the folder it is kept in are wide open thanks to my
> hosting company.
> My question is, is there anything that I can do so that only PHP scripts on
> the server are able to access the file?  Or am I going to have to contact my
> hosting company and see if they can figure out how to set the permissions
> properly?

How about option #3: walk away immediately from a hosting company that is 
so blantantly negligent/ignorant about such an basic security issue?  Yikes.

(Your FTP program doesn't allow you to change permissions?  'Cuz if your 
current one doesn't, you might wanna check around for one of the other FTP 
clients that do...)


PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to