security read write files and folders

[snk]

hello,

 

when i upload files to my webspace i set permission to my files and folders. Im wondering how im unsafe if i grand a folder or file with write permissions to all/everybody. In fact I have the intelligence to understand that ones can places files to my webspace and then execute them. But I dont have the knowledge how to implement it.

 

How can i write to that folder and files?

 

thank you in advance for your attention.

[0x00]

Well if someone was to post a file into an area which is processed by the web server before displaying it, and they were to put in some php, then that would get executed (or any other language the server is set up to interpret).

 

That should cover the extent of your question.

[snk]

Thanks for your reply,

the question was "How can i write to that folder and files?"

Not what is the impact... In fact i describe the impact..

 

if you please tell me how i can test it in acton i would be greatfull

 

snk.

[hitman6003]

Im wondering how im unsafe if i grand a folder or file with write permissions to all/everybody

 

Actually, you did ask that question.

 

Anyway, look in the manual:

 

http://www.php.net/file-upload

 

If you aren't handling uploads, then look into the file functions...fopen, fwrite, fclose.......

[snk]

outside of the waters of my question, lets say that i want to upload files to a web space that i dont own.. can you place a file to the folder www.myfoxnet.com/hacked ? the permissions are 777

 

cheers.