https://bugzilla.wikimedia.org/show_bug.cgi?id=43252
--- Comment #1 from Brion Vibber <[email protected]> --- Well... You don't need 777 if it's actually owned by the web server user, then you can use 755 or such. But on typical shared hosting that may still leave you open to other users. Frankly this is a security problem with many shared hosting environments that's just something you have to live with; unless you can reconfigure to running your web scripts under your own user account. A more 'secure' method might be to store files in database but this isn't done yet (and of course, any other web user on the machine can probably get your database usernamd and password out of your config files so... that might not be any more secure.) -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
