Is it safe to CHMOD? Is it safe to CHMOD?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Is it safe to CHMOD?

Started by benseth, May 07, 2007, 11:02:02 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

benseth

May 07, 2007, 11:02:02 PM
Is it safe to chmod the uploads file to 777?

Recently, I have been hacked through a 777 in wordpress which costed me an extra 20$ and 100$ for my sever.  I was not aware of this until my webhost notified me this, this folder was chmoded 777 which allowed worldwide access.  I was wondering if it was safe to make all the album folders 777 in coppermine, or is that a security risk?

Joachim Müller

#1
May 08, 2007, 07:56:08 AM
Read SMF: Why chmod 777 is NOT a security risk. Wether 777 is a security risk or not depends on your webserver setup. If your webhost suggests not applying 777, then you should do so. Ask them what permissions are needed on your webserver to grant the webserver (and subsequently the legitimate scripts on it) to have write access. Usually, the following rule of thumb applies: try CHMODing 755 - if this works fine, that's great. If it doesn't work as expected, you'll need 777. As suggested: your webhost needs to come with a final suggestion. Quite frankly though: I would shy away from webhosting that allows the end user to set permissions in an unsecure manner. If 777 is a security risk on your server, then your webhost should make precautions that you can't CHMOD to 777. That's what my webhost does. That's what all good webhosts do.
Print
Go Up Pages1
User actions