I'm running Centos 5.5. I need to create / write some files with a PHP script. The script only works if I have the permissions of the directory in which the files are to be created / written set to writable for everyone, ie:
chmod a+w my_directory
The script is working fine, but having my directory writable like that is obviously BAD.
My question is, is there a way to allow selected programs (such as PHP) permission to write and create files while keeping everyone else out?
Many thanks
Best Answer
Make the files/directories PHP needs to write to owned/writable by the user or group that PHP is running as (usually your web server's user/group).
Note that while this configuration is more secure than world-writable files it is only as secure as your code and your webserver configuration. Plan accordingly.