0707 Permissions

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
cpetercarter
Forum Contributor
Posts: 474
Joined: Sat Jul 25, 2009 2:00 am

0707 Permissions

Post by cpetercarter »

I have recently set up a site on a shared-hosting server. PHP runs under FastCGI. The web hosting company seems to have set the server up so that any newly created directory has 0707 permissions. This is looks like a significant security risk. I thought that one of the main advantages of FastCGI was that PHP does not need world-writable permissions, even for directories where it needs to write stuff. Or have I missed something?
Post Reply