776 (read, write, execute for owner and group, read and write but not exe for public)
766 (read, write, execute for owner, read and write but not exe for group & public)
666 (read and write for all, no execution whatsover)
I would suggest 666 if you dont have any scripts in the folder and only need to to dump and get stuff, this way no matter what user is accessing the folder, it cannot execute a potentional harmful uploaded script/program
Not sure if this case applies correctly. I've a cache folder. Basically this cache folder is for my script to write static files for cache and on every request of the script, it will first look for a cache for this section and if found (PHP using is_file(filename)), it will read the file and output to the public.
Having this logic, I CHMOD to 666 because since is just plainly for read and write by my application. But apparently its not the case. I received permission denied on the is_file() function.
Ok, didn't try is_readable but regarding the AddType text/plain .php, what is the equivalent way for cgi or any other harmful scripts? Should be very useful for many user here since many application nowadays support uploads from their own members.
If you are not using phpsuexec yes it will need to be 777
Steven Ciaburri | Industry's Best Server Management- Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance