php email attachment, chmod settings

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I have a php script from Obie (link at bottom) which uploads a file to
the web server, then attaches it to an email, and sends it to a default

This program requires setting a directory for the files to reside in
temporarily.  What settings should I put this folder to to be most
secure, 755?  750?  other?  If the user is uploading, is that the
"world" permissions, or is that the "group" or "owner" permissions?
I'm not entirely sure how the upload in this script works, but it uses
the "open()" "fopen()" and "fread()" functions in there.

Thank you thank you thank you.

Re: php email attachment, chmod settings

I see now that the uplod is RFC-1867:

But this act of uploading - is that "owner" "group" or "other"?

Also, the fread() (which will setup to base64 encode the file): is that
running with owner, group, or other privileges?

Re: php email attachment, chmod settings says...

Quoted text here. Click to load it

Seeing as you used the term "chmod" I presume you are talking about a
linux/Apache/PHP setup.

In that scenario the PHP script are usually run by the Apache "user"  -
e.g. on my test server that user's name is "webserver" and that user is a
member of a group called "web", of which my personal user account is also
a member.

My preference for folders to be used by php for write as well as read is
personally-owned by me but group-owned by "web", and with permissions of
775 (read/write for owner and group, read-only for world).  If I was ultra
cautious I might do 77x.

Geoff M

Site Timeline