i have a upload function on my cms using POST (php). everything works fine but the directory needs a 777 setting otherwise i get errors.
i would like to bring this down to like a 644. how could i do this?
would this setting be in httpd.conf?
i have a upload function on my cms using POST (php). everything works fine but the directory needs a 777 setting otherwise i get errors.
i would like to bring this down to like a 644. how could i do this?
would this setting be in httpd.conf?
Make sure that Apache (httpd) owns the directory. This will allow Apache to put files there without needing to 777 the entire directory.
Use
chown -R apache:apache /path/to/upload/dir
EDIT: As cyberx86 pointed out, the actual PHP process is what will be doing the file writing. Therefore the PHP user is the one that needs to have ownership of the directory to set more restrictive permissions. When paired with Apache, PHP instances are generally child processes of the parent Apache process.
I think the best way to do with would be with acl's. You can have the directory owned by nobody:nobody, and then give the user that your application runs as have full read write access.
This removes other people in a group having access. It will remove the 'other' acce
Then remove the 'other' ability to see the folder.
Then give whatever user writes to read/write/execute the folder.
then add the acl option to fstab.
Then remount.