Index du Forum » » Questions

Auteur

Chmods indispensables ?
rama11
45    

  Posté : 02-02-2010 08:13

j'ai trouve ça dans l'aide :

"When a php script requires write access to a file or directory (like Nucleus does for the 'media'-directory if you want to be able to upload pictures etc), you have to chmod that directory (or file) to 777 (or 666 for files) on most servers. This gives world write access to this folder (file). This is because on most servers apache (and php) runs as user 'nobody'.
Although giving world write access will make it possible to use the script, it also means a security hole, which can be used by hackers and other riff-raff.

To avoid this security hole we run phpsuexec on our servers. Using phpsuexec, php runs under your own username on the server. This removes the necessity to make files and folders world writable. Instead you can just use 755 for folders (the default) and 644 for files (also the default).

Using phpsuexec may have some consequences. Specific statements in your .htaccess file may result in an error 500 (internal server error). So here are two possible problems, and how to solve them:"

ça veut dire qu'avec phpsuexec plus besoin de chmods 777/766 pour npds ?



Cet article provient de NPDS

http://www.npds.org/viewtopic.php?topic=24697&forum=9