Folder Permissions.

Here's a good question. I see many people talking about setting permissions on a folder that needs to be writeable to 777. Is that actually correct? I mean, why make a folder executable if it dioesn't need to be? That seems like a security risk to me.

Wouldn't it be better to set the ones that just need to be writeable like this?:

 Well, that didn't work. In the above example, I had the folder set to 666 (read write for user, group and world)

permissions can really be dependant on your build. suphp does not allow 777 reverts all settings back to 755, and truly the only thing that should be 777 would be the ffmpeg.exe and that is because it is an executable file.

Regards,

DosDawg

Ok, you set yourself up for this next question. If suphp reverts all 777's back to 755, isn't that going to muck up the needed permissions for the ffmpeg file?

OR, does allowing the function exec() supersede the file permissions anyway?

Also, I noticed if you set write permissions on some of the folders that need read/write to 666, you can't open the folder to see whats in it! LOL! You'd have to set it to 766 to execute tghe opening of the folder to view the contents....

Head hurting yet?

@sky

first of all i think there is a misunderstanding of what execute would mean, you dont execute a directory, you would execute a file.

so 777 on a directory is useless.

what is your php build

fast-cgi

phpexec()

suphp

Basically this has to do with non-suphp systems will write something (like a language file for instance) as owner "nobody" when using an apache handler (correct me here if I'm wrong DD, still learning alot of the server stuff) and will not write the file in the correct directory without a trip 7 CHMOD.

Now, suphp sets the owner as the server or something like that when using apache (again, you know more about this than I do) and thus this is why an suphp system will run correct in 755  and does not even allow a trip 7. 

I'm pretty sure that's the very basic answer to his question, but feel free to elaborate on it more and correct me where I'm wrong there.  As I said, still learning the servers part of this stuff.

***Edit:  To answer more of his question, read below:

As far as some of the folders go, the reason for Trip 7 or 755 is so that when a member uploads an image, video or whatever to the site it can be saved to the directory, without the permissions then that specific upload would not happen, profiles would not be created, e-mails would not be sent and so on and so forth as nothing would be able to be saved. 

To go even further, let's say you set the file perms to QUAD 0 (Yes, that's 4 zeros and you can do that) then nothing on the site would be accessible to ANYONE at all as it wouldn't even have readable capabilities.

php is 5.2+, server is Linux using apache.

If you use Cpanel file manager to enter public_html folder and set any of the folders to 666 (anything less than a 7 in the first spot) you cannot access the folder by double clicking it. All you get is an error telling you that you do not have permission. Set the permission on that folder to 7 and it allows you access.

In windows, it would be considered an ownership thing. 6 makes you not the owner whereas 7 would assign ownership and allow viewing of the contents.

That's not what I am really interested in. Here's what I want to know

what is suphp really?

why can it make changes to a permission setting to a folder in my directory that I set as the owner of that folder? In other words, change a permission from 777 to 755 without me asking it to?