Jump to content

Chmod For Custom Script


OJB

Recommended Posts

Hey everyone

 

I have just about finished building this custom script I wrote...

 

 

Problem is I have 3 folders I need to allow people to upload to and delete from... but if i have CHMOD any lower than 755 it doesn't seem to allow this.

 

Would 755 be secure enough? I only allow uploads in the form of .zip/.rar/.mp3/.gif/.jpg/.jpeg via checks in PHP... but the last thing I want to do is allow my site to be compromised and get shut down for security reasons

Link to comment
Share on other sites

Unfortunately FTP is not really an option for my site.... :)

 

 

I have people registering, paying for the service, uploading some files, being able to delete the files (from the DB and server)... I can't really register FTP accounts for everyone, and also, I need to allow certain people access to certain other peoples files (to download)....

 

It's all quite complex... and I can't really think of a better way of doing it, but 777 ;) *sigh*

Link to comment
Share on other sites

There is no way around the 777 permissions using a script to upload since the script is running as user "nobody" the default user for the web server.

 

If you were working with only one folder you could ask the help desk to change the ownership of the folder to user "nobody" and then be able to set it to 755 but still, anything would be able to be put into that folder and run from that folder.

Link to comment
Share on other sites

I have people registering, paying for the service, uploading some files, being able to delete the files (from the DB and server)

 

Can this folder be placed in a password protected area to limiit access to your only your registered clients, whick limits exposure for your website?

 

I use an upload form and folder stored within a password protected directory for clients that just can't handle FTP software but are not a great hazard for me as I have limitations for size and type of files within the upload form also.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...