Can't use CHMOD 777...what can I use?

Discussion in 'Site & Server Administration' started by jpigford, Apr 3, 2006.

0
  1. #1
    So certain sites on my server have been through a nice string of phishing attacks lately. The vulnerability they've been exploiting was the fact that some directories where chmod 777 (for file uploads). So since I can't use 777 for those directories, what CAN I use to let me (and other uses) upload files.

    I've tried 755 and 766 but get a Permission Denied error from my PHP code.
     
    jpigford, Apr 3, 2006 IP
  2. nicknick

    nicknick Peon

    Messages:
    429
    Likes Received:
    21
    Best Answers:
    0
    Trophy Points:
    0
    #2
    You could use 776 I suppose. That would give users and root write access but not to guests. Or maybe 774.
     
    nicknick, Apr 3, 2006 IP
  3. seowebguide

    seowebguide Active Member

    Messages:
    258
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    73
    #3
    775 is what I would try first...although I have seen scripts that simply will not run without 777.
     
    seowebguide, Apr 3, 2006 IP
  4. empservices

    empservices Peon

    Messages:
    975
    Likes Received:
    26
    Best Answers:
    0
    Trophy Points:
    0
    #4
    try chown user.group filename
    This will allow you to change the file without letting anybody else do so
     
    empservices, Apr 3, 2006 IP
  5. daredashi

    daredashi Well-Known Member

    Messages:
    667
    Likes Received:
    31
    Best Answers:
    0
    Trophy Points:
    120
    #5
    if its shared or open source script most likely it won't run without 777 perm
     
    daredashi, Apr 7, 2006 IP