Deleting File From Folder permissions 755
Posted: Sun Jul 10, 2011 4:49 pm
Hi, I am keen to improve my coding practices to make my server a little more secure. I run a dedicated plesk server (centOs) with many domains on it. By default my server (running under fast cgi) makes folders with permissions 755. Each domain has separate FTP username and password. My sites all use php to upload files, process data and write out / overwrite and delete files (images, sitemaps etc).
I have found that unless I give the folders permissions of 777 (as specified for example in the image upload and process script I have adopted and customised) deleting or overwriting files does not work. I am guessing that it is an ownership issue rather than permissions really and am keen to stop using folders with full permissions despite the code I need to run. I have read that 755 should be fine if the same user/owner is accessing the files but am finding a clear answer as to how I can get around this issue and have all my sites working the same on a server where 755 is the highest permission given.
I'd appreciate any help or actual examples as to what I might change in my coding practice so that I can overwrite a file in php that had previously been created by php or ftp each time.
Many thanks (and apologies if this has been covered clearly 999,999 times and I have missed the point)
Jim
I have found that unless I give the folders permissions of 777 (as specified for example in the image upload and process script I have adopted and customised) deleting or overwriting files does not work. I am guessing that it is an ownership issue rather than permissions really and am keen to stop using folders with full permissions despite the code I need to run. I have read that 755 should be fine if the same user/owner is accessing the files but am finding a clear answer as to how I can get around this issue and have all my sites working the same on a server where 755 is the highest permission given.
I'd appreciate any help or actual examples as to what I might change in my coding practice so that I can overwrite a file in php that had previously been created by php or ftp each time.
Many thanks (and apologies if this has been covered clearly 999,999 times and I have missed the point)
Jim