[support] Drupal File Operations (D715)
Earnie Boyd
earnie at users.sourceforge.net
Mon Oct 29 12:46:10 UTC 2012
On Fri, Oct 26, 2012 at 9:36 PM, Austin Einter <austin.einter at gmail.com> wrote:
>
> If I keep the folder permission 0777 then second time file write is
> possible.
>
I would probably do 775 instead assuming the group id is the same as
the webserver group id. You can also do 755 if the owner is the
webserver owner. (By webserver owner, I mean the user id of the
process running httpd.)
> And, by keeping folder permission 0777, am I bringing up a security issue
> here....
Yes, you have opened world write to the folder. You might even do 770
if you really want to be secure so that no one but the directory owner
id and the httpd process group id can read/write/execute in that
directory.
You just need to make sure that the webserver process can read/write/execute.
--
Earnie
-- https://sites.google.com/site/earnieboyd
More information about the support
mailing list