php - Is setting the uploads folder 777 permission secure? -


I have seen cutting out many upload forms, and in some, some uploaded files actually had a good security check. (At least I think so), but still managed to upload any single PHP file.

I was thinking: Is there a way to upload files in the uploads folder that has 777 permissions? I'm thinking of using HTTP PUT.

In general 777 unsafe is happening as it is ... its meaning That anyone can read and write your files

If you are allowing uploading files to tamper with you then HTTP PUT is not naturally secure from any HTTP post.

Overall, if you have to allow arbitrary files to execute, you have to do a very good file to check for server-side, and Croit It would be wise to use it.

Permission-wise, I usually reach to some web-webserver user-owned 644.


Comments

Popular posts from this blog

MySql variables and php -

url rewriting - How to implement the returnurl like SO in PHP? -

Which Python client library should I use for CouchdB? -