On Thu, 30 Aug 2007, Gary Mort wrote: > I set the mode to 777 just to make sure the directory would be created > completely unsecured(I will also note that does not happen, instead the > directory is created as 755 which should STILL be acceptable since the > script itself is the one creating both directories and thus should be > the owner).
That's probably were you're wrong: more often than not, the script will be running as the same user as the Apache process (after all, the Apache process hands off to the PHP module). So the script is running as "nobody" or "www" rather than the owner of the files. -- Aj. (wearing sys admin hat). _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
