Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Permissions' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Permissions
Authored by: nullprogram on Jan 08, '02 09:38:50PM

The proper permission level for web-served files is 644 - even if you change the files a lot. You don't need execute permission to change files. Directories should be 755, not 777. 755 prevents other users from modifying the directory. 777 leaves you wide open.



[ Reply to This | # ]
Permissions
Authored by: zellpharm on Jan 08, '02 11:26:16PM

You would be correct in with the privilesges you suggest however PHPNuke and many 3rd-party modules need write privs to the folders.
Again, if you secure admin.php with the file upload mod then you are safe from the Nuke security hole. You're at your own risk if you have other serevices open though...



[ Reply to This | # ]