Ping a Specific Port

Question

bMon

Asked: 2011-05-27 11:37:02 +0800 CST2011-05-27 11:37:02 +0800 CST 2011-05-27 11:37:02 +0800 CST

File permission security for webapps

772

I have a typically configured LAMP server with various web apps running on it.

A few of the web apps require user supplied image upload functionality (as well as a couple WP blogs that need to upload images).

I have tried to tighten my permission security, and I am finding that 767 is the best I can have on my /uploads/ directory.

I've read that 755 or 750 are the best for directories, but my uploads won't take when set with them.

So my question: is 767 safe? Or should I take the time to get under the hood and try to get 755 or 750 working somehow?

1 Answers

Voted

Satanicpuppy · Answer 1 · 2011-05-27T11:51:45+08:00

Best Answer

Satanicpuppy

2011-05-27T11:51:45+08:002011-05-27T11:51:45+08:00

If you are allowing uploads into a directory wherein files can be executed, you're asking for trouble. 666 would be far more appropriate. Root doesn't need to be executing things in an upload directory. No one needs to be executing anything in that directory. For my money, I'd do 262.

You literally cannot have too much security on a directory that contains user uploaded files.

0

File permission security for webapps

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?