a few things:
-who does PHP write as? if i'm in a folder owned by shawnd and it is chmoded to 755, can PHP still write in that folder?
-can PHP save or open beyond the Apache document root? my Programming PHP book has a safety section on security and it shows a sloppy code which it says could allow a user to view my /ect/passwd file, can PHP realy read all files on my hard drive if given the correct relative path?

    Yes , it's possible to open for writing a file out the document root, but only if allowed by permission.

      ok well i'll assume you can write as well....

      but who does PHP write as?

        mmm, maybe PHP writes as nobody

          Write a Reply...