Knowledgebase
Knowledgebase
Portal Home > Knowledgebase > Articles Database > File Permissions
File Permissions
Posted by Troy297, 12-29-2007, 12:03 AM First off let me apologize if this is in the wrong forum, I was unsure where to post it. Anyway, my question is relating to a "DJ Panel" that I am making. I am looking into various file permissions and was wondering if all PHP files that are part of the DJ Panel have file permissions of 0666 will that pose any kind of security threat (make life easier for hackers) or do you see any downside to doing this? Any input is greatly appreciated. Thanks!
Posted by activelobby4u, 12-29-2007, 09:04 AM My vote for 644
Posted by foobic, 12-29-2007, 06:52 PM The common standard for PHP applications would be 755 directories, 644 files, but then you might want something more restrictive for sensitive files (eg. config files containing passwords) and something more relaxed for writable files / directories on systems running mod_php. You cannot just set everything 666. If you're distributing an application you need to check whether PHP is running as the user or as apache and set permissions accordingly.
Posted by Steve_Arm, 12-29-2007, 07:41 PM 0777. Following the "share" paradigm. Really it depends though. If it's your server and nothing else on it 644 is fine. For paranoid security i use sudo. Imagine I couldn't care less since on my servers what goes in there has only been coded by me. Anyway, write more, sleep more. On a php upload you can grab the temp file as superuser and move it to the actual directory which doesn't have to be owned from www or be 0777. Then anyone who might have skipped validation and uploaded a malicious file he just can't run it.
Add to Favourites 
Print this Article
Also Read
