Jump to content

777 CHMOD


dude753

Recommended Posts

Hey!

I volunteer on a fairly popular fan site. We've been using the same news script for about 2 years, then we moved server and suddenly it got hacked. The script is Cutenews and has lots of files on it which have to be CHMODed to 777 like news.txt and templates etc.

We have never had any problems then suddenly we start getting hacked via the template files in Cutenews. We installed another news script, Fusion News. Again we get hacked through our templates, which were 777.

Is it because the files are 777 that they are being hacked? If this is the case then why do a lot of scripts require you to have files CHMODed to 777?

Is it because of a bug on our server that we keep being exploited?

Thanks <3
Link to comment
Share on other sites

its deffinately because your files are CHMOD 777, it allows anyone to veiw, edit and execute the files, you're probably better off using a news system that uses sql instead and not having any files with CHMOD 777, there area couple about but i wrote my own and have never used any pre-made so i couldnt suggest one.
Link to comment
Share on other sites

Config files are normally only set to 0777 while installing a pre-made package, after the install you are supposed to set them back to 0755 (I think). Allowing configuration files to be writable to absolutly anyone is very insecure.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.