cache: 777 vs 775 - security?

frankp · #1 (**permalink**) 19-03-2007, 06:40 PM

Using Magpie RSS yoke to do some feed display on a site... it needs a cache folder, but I'm unclear on the permissions issues for the cache folder.

I thought 775 was what it required but that doesn't work.

777 works fine of course, but I'm unclear whether it is a security risk to have the cache folder set to 777.

It's ONLY the cache folder would be set to 777, every other folder in the directory is 755.

thanks for any help.

niall · #2 (**permalink**) 23-03-2007, 12:23 AM

Quote:

Originally Posted by frankp

It's ONLY the cache folder would be set to 777, every other folder in the directory is 755.

thanks for any help.

On most servers the apache server will run as the www-data or similar user. To give the apache user access to the cache directory you have to give it permissions of 777. While theoretically this can be a security hole, it's only really a security risk if you have other holes in your code which gives a script kiddie a method to execute something which he has managed to put in there.

There is also risk of another user on the same server having fun in the directory, but that's easier to track.

Just after doing a check on a multi-user server I help admin outside of work, the amount of 777 directories is impressive

frankp · #3 (**permalink**) 23-03-2007, 03:48 AM

thanks Niall!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode