Hi, ive been using php for quite some time, and never realy new the answer to the point of chmod. If i am the only person with ftp access to my site, whats wrong with files being chmod 777 ? what risks dose it give and how could someone use files being chmod to 777 to there advantage? Paul
I think it largely depends on whether you are on shared hosting, or are on a dedicated server or a properly isolated VPS. Shared hosting tends to be fairly insecure, and there's potential for someone with an account on the same server to cause you some grief if you don't have your account locked down tight. There is also the potential for people to abuse this vulnarability via other unsecure scripting exploits, via telnet, etc, depending on how secure the server is. Here's some articles on the subject:- http://www.askapache.com/htaccess/security-with-apache-htaccess.html http://en.allexperts.com/q/Unix-Linux-OS-1064/2008/5/chmod-2.htm http://resources.bravenet.com/artic...77__is_it_a_risk_when_installing_php_scripts/
Have a read through this easy Chmod Guide:- http://docs.simplemachines.org/index.php?topic=477 Quite simple though..