Adding 'script user' to 'ftp group'

aewarnick

I have a class in the scripts on my website that enables the script to write to all the files on my site. It does the php login and then chmod's the file to 777 so that the script can write, and then back again when the writing is done.

To me, that's a security flaw that can easily be remedied by adding the script's user to the group that's assigned to all the files on my site. This way I'll never have to chmod my files to 777 again to give the script write access because the script will be part of the group. I'll just give group write access.

I have asked my web host to do this but they denied it and won't give a good explanation.

Is this a bad idea and if so, why?

EPJS

Why give your php files 777 anyway?

They would be more secure at 755

You can write to a file at 755 too.

aewarnick

Only the owner can write to the file. The script does not own the file.