Lunarpages Web Hosting Forum

Author Topic: CHMOD question  (Read 1362 times)

Offline Neco

  • Jabba the Hutt
  • *****
  • Posts: 633
    • http://www.oldskoolgames.com
CHMOD question
« on: June 16, 2003, 08:47:27 PM »
Hi,

I've been toying around with web based file managers, for easy uploading on a sub-domain that will be put to use soon.

The problem is, I can't use it's built in functions to write files, (and I guess upload too)  unless the root folder I'm working in is CHMOD 777. (in this case, the subdomain root folder)

Is this a security risk at all?   As if it is, I'd definitely want to know so I can find another alternative.

Offline snickn

  • Jabba the Hutt
  • *****
  • Posts: 543
    • http://www.snickn.com
CHMOD question
« Reply #1 on: June 16, 2003, 08:53:34 PM »
It's not a security risk if the folder is not in the public_html directory, put a folder on the root directory and download them into that directory, it can be 777 and safe :)

Offline Neco

  • Jabba the Hutt
  • *****
  • Posts: 633
    • http://www.oldskoolgames.com
CHMOD question
« Reply #2 on: June 16, 2003, 09:21:28 PM »
Heh, not quite sure if I understood that..


From what I understand, when I create a sub-domain, it makes a folder of the same name in my  /public_html    folder.

So the folder in question resides  /home/user/public_html/subdomain

All file writing/uploading would be done to the /subdomain   folder.

And as far as I know, it's not possible to store sub-domains above the root ??    


Learning impared <------------

Offline snickn

  • Jabba the Hutt
  • *****
  • Posts: 543
    • http://www.snickn.com
CHMOD question
« Reply #3 on: June 16, 2003, 09:33:52 PM »
Ok, I may have misunderstood your question.

You can't store subdomains above the root, however you can (at least to my knowledge..)  argh, ok, nevermind I just reread what you wrote. Ignore the above the public_html suggestion, 777 probably wouldn't be the most secure option for you.....

Offline Neco

  • Jabba the Hutt
  • *****
  • Posts: 633
    • http://www.oldskoolgames.com
CHMOD question
« Reply #4 on: June 16, 2003, 09:59:51 PM »
Kayo, I'll look into some other options and see if I can tweak it around some, thanks :)

Offline Neco

  • Jabba the Hutt
  • *****
  • Posts: 633
    • http://www.oldskoolgames.com
CHMOD question
« Reply #5 on: June 16, 2003, 11:14:59 PM »
Well I'm running out of ideas on how to approach it.

You sure having the proper .htaccess settings around wouldn't be enough?  


One thing I am trying to consider, is if it's possible to maybe set it up for a designated upload folder, and then maybe have some kind of other script I could trigger, inside that folder to copy things to the appropriate directories ?   That sounds like a bit much work for what I want though.

(much like Angelfire's old upload syste)

Offline snickn

  • Jabba the Hutt
  • *****
  • Posts: 543
    • http://www.snickn.com
CHMOD question
« Reply #6 on: June 16, 2003, 11:19:28 PM »
I wouldn't recommend hosting it as 777, however, our systems should be secure enough that it will be OK. If that's a vague enough answer for you, basically I think you'll be OK but I don't recommend it.

Offline Neco

  • Jabba the Hutt
  • *****
  • Posts: 633
    • http://www.oldskoolgames.com
CHMOD question
« Reply #7 on: June 16, 2003, 11:28:24 PM »
Yea, I understand what you're saying.

Someone would REALLY want to have to get in for there to be a real problem I suppose.

Thanks for your input