Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Moderator: General Moderators
1 post • Page 1 of 1
I have recently set up a site on a shared-hosting server. PHP runs under FastCGI. The web hosting company seems to have set the server up so that any newly created directory has 0707 permissions. This is looks like a significant security risk. I thought that one of the main advantages of FastCGI was that PHP does not need world-writable permissions, even for directories where it needs to write stuff. Or have I missed something?