0707 Permissions

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

0707 Permissions

Postby cpetercarter » Thu Dec 01, 2011 2:28 am

I have recently set up a site on a shared-hosting server. PHP runs under FastCGI. The web hosting company seems to have set the server up so that any newly created directory has 0707 permissions. This is looks like a significant security risk. I thought that one of the main advantages of FastCGI was that PHP does not need world-writable permissions, even for directories where it needs to write stuff. Or have I missed something?
cpetercarter
Forum Contributor
 
Posts: 474
Joined: Sat Jul 25, 2009 2:00 am

Return to PHP - Security

Who is online

Users browsing this forum: No registered users and 2 guests