Uploading files/permissions question

frank897

I'm working on a project which requires the user to upload images and text files using their browser to the webserver.

The directories containing these uploads currently have the permissions set at 777 in order to upload the files.

How vulnerable are these directories to hackers with the permissions set this way?

Thanks for your help.

Steve

Anon

You on IIS or Apache or something other than that? IIS I know could be really easy to hack (NOT BY MY EXPERIENCE), Unix/Linux boxes tend to be a little more challenging. I can't spell either. If you are on a Unix, Linux, FreeBSD, Slackware, or something in that area don't lose sleep over it. I am not one that really knows a whole lot about it I just know what I have been told I may be wrong. Thanks!
Chad

frank897

Chad,

Thanks for the response.

It is a Linux box with Apache. Just to be safe I think I will set the permissions for writing to the directory, copy the file, then reset the permissions to read only.

Steve