Hi all,

Relative newbie here, and I am just coming to grips with something that I
think is a very bad thing... Please tell me I am wrong.

When using PHP, it is the Apache user that actually performs things, and
therefore needs permissions. For example, if I want to write data to a file,
I have to chmod o+w the directory it's in to get that to happen.

The trouble with this, is a shared environment, doesn't this give anyone who
can use PHP on your system the ability to write over any other user's file
if they know the name of it? Am I missing something fundamental here?

Any help would be appreciated!


Bill Leonard                                           [EMAIL PROTECTED]

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to