How to stop CHMOD 777

[bambinou1980]

Hello,

 

I would like to know how I can stop my image upload folders to be CHMOD777.

What is the best way to takle this problem(step by step please).

I understand this is an issue with permission on the server but how can I do it in a way that I can lower the permission safely please.

 

What do I need to check for in my Linux server?(CENTOS 6.7 x86_64 standard).

 

Let's say I create a php upload script now and upload it to "http://mysite.com/script", what is the next step?

I am still a novice in PHP and struggle to understand how to get the technical flow of the next steps...... What to type, where to go in the server to find out the needed information to stop this problem from happening.

 

 

Thank you,

 

Ben

[scootstah]

I don't understand your question. If you don't want 777, then you would use chmod to change the permissions.

[bambinou1980]

Sorry what I mean is that any scripts with an upload image folder which I install on this dedicated server have to have the upload folders set to chmod777.

 

Right now I installed this script in a php file:

<?php

$processUser = posix_getpwuid(posix_geteuid());

print $processUser['name'];

?>

 

And it shows the user as "Nobody"

 

I am trying to understand why I must set every time my folders to CHMOD777, if I set them to CHMOD755, the uploads won't work..

 

How can I solve my upload problem without using CHMOD777(for security purpose) but still be able to upload my files.

 

I just checked, this server has Suphp installed. What shall I do Next please?

 

 

Thanks,

 

Ben

[scootstah]

You would use 775, and set the group owner to the web server user. Since you're using CentOS and you most probably have SELinux enabled, you have some additional steps to take.