777 file permission

Anon

Hi! I have a file that I want php to write to. I've found that I need to set the permission to 777. How can I minimize the security risk? If I use .htaccess to authenticate users, will the file be safe from outsiders and will PHP still be able to write to it?

Thanks!
Tommy

brandonschnell

php has the same permissions that apache has. chown the file over to apache so that only the user that apache runs as (default: nobody.nobody) can modify the file.