777 and 773 - how can I tighten security?


Kerosene
Jul 3rd 2007, 5:46 pm
I'm working on a site that requires a 777 folder to use as a cache.
It also works as 773 - but anything else breaks the entire site.

Just how unsafe is a 773 directory?
The directory is emptied each night (cronjob) if that makes any difference.

And considering I can't change the script that uses this 773 directory, is there any other way I can tighten security?

eukvps
Jul 4th 2007, 1:29 am
Even with 773 you are making that folder world writable, so it is as dangerous as 777.

In this case nothing can be done other than monitoring that directory, only one thing can be done.

Place that directory in the home directory, at the same level where your public_html exists, so even if they are able to upload files it will be very difficult for them to run a script uploaded in that folder.

Regards,

Arun K
---------------------
http://www.eukvps.com
Cheap & Reliable VPS Hosting

Kerosene
Jul 4th 2007, 1:40 am
Good suggestion - thanks. Just how safe is it having them at same level as public_html? Safe enough for me to consider the security issue 'solved'?

To change the cronjob once I move the directory, do I just change
rm -rf /home/accountname/public_html/mydirectory/*
to
rm -rf /home/accountname/mydirectory/*

eukvps
Jul 4th 2007, 1:46 am
Yes, just change the path of the directory, and it is safer than putting it somewhere under public_html, as anyone can target the directory directly. So the security problem can be 97% solved.

Use rm -rf /home/accountname/mydirectory/*

Hopefully that should resolve your issue.


Mxhub
Jul 8th 2007, 11:16 pm
Set as 755, at least. Best is 700 if you are the only one using that file.
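
The checks raised in this thread (the world-writable bit that 773 shares with 777, whether the cache directory sits under public_html, and monitoring its contents), as an added example that was not posted by any participant. It assumes GNU stat and find; the function names and the *.php pattern are hypothetical, and the paths in the usage comment are the placeholders from the cron lines above.

```shell
#!/bin/sh
# Added example: audit a cache directory like the one in this thread.
# Assumes GNU coreutils/findutils (stat -c, find -perm /mode).

# Print the octal permission bits of a path, e.g. 773.
mode_of() { stat -c '%a' "$1"; }

# Succeed if the last ("other") digit of octal mode $1 has bit $2 set
# (4 = list, 2 = create/delete entries, 1 = traverse).
other_has_bit() {
    other=${1#"${1%?}"}
    [ $(( other & $2 )) -ne 0 ]
}

# Succeed if $1 resolves to a path at or below $2 (symlinks resolved).
inside_docroot() {
    dir=$(cd "$1" && pwd -P) || return 2
    root=$(cd "$2" && pwd -P) || return 2
    case "$dir/" in "$root"/*) return 0 ;; *) return 1 ;; esac
}

# Print findings for a cache dir; the exit status is the number of findings.
audit_cache_dir() {
    cache=$1 docroot=$2 findings=0
    mode=$(mode_of "$cache") || return 255
    if other_has_bit "$mode" 2; then
        echo "WARN: $cache is mode $mode: world-writable"
        other_has_bit "$mode" 4 ||
            echo "NOTE: no read bit for others only hides the listing"
        findings=$((findings + 1))
    fi
    if inside_docroot "$cache" "$docroot"; then
        echo "WARN: $cache is under $docroot and may be requested directly by URL"
        findings=$((findings + 1))
    fi
    # Monitoring: script-like or executable files are unexpected in a cache
    # (the *.php pattern is an assumption about this site).
    suspicious=$(find "$cache" -type f \( -name '*.php' -o -perm /111 \) 2>/dev/null)
    if [ -n "$suspicious" ]; then
        echo "WARN: unexpected files in $cache:"; echo "$suspicious"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Usage (placeholder paths from the thread's cron lines):
# audit_cache_dir /home/accountname/mydirectory /home/accountname/public_html
```

Run from the same nightly cron that empties the directory, before the rm line, so the listing of unexpected files is captured before it is deleted.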