Posted by Jerry Stuckle on 10/07/27 12:00

Gilles Ganault wrote:
> On Tue, 15 Jan 2008 05:12:57 +0100, Gilles Ganault <nospam@nospam.com>
> wrote:
>> What am I doing wrong? Is it some kind of security feature in Apache
>> or the OS that's preventing the script from writing the text file?
>
> Found what it was:
>
> =======
> # ll
> drwxr-xrwx 2 root wheel 512 Jan 15 05:20 .
>
> # chmod 757 ./.
> =======
>
> Now, index.php can write into Apache's htdocs/ but I doubt this is the
> right solution. Does it mean that PHP scripts shouldn't write any file
> into htdocs/ ?
>
> Thanks.
>

Well, it's not necessarily a good idea - it's too easy to upload
malicious scripts. But with proper controls, it is possible.

chmod 757 will work, but as you found, is dangerous. Safer would be to
make the Apache user the owner of the directory, or at least a member of
the group which owns the directory.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]