[pmwiki-users] Security breach?
DaveG
pmwiki at solidgone.com
Mon Dec 22 09:25:35 CST 2008
> What happens is that the hackers use the uploads directory
> (with 777 permissions) to upload php files, and then it seems these php
> files can be used to access other parts of the filesystem (if I
understood
<...snip...>
> If a directory has 777 permissions, is there anything to stop someone
> putting an arbitrary file there?
Not sure why you have directories set to 777; my uploads and wiki.d
directories are all 775; most other directories are 755. Not sure why some
are 775 -- I suspect they could be changed to 755. Either way, don't set
anything to 777.
~ ~ Dave
More information about the pmwiki-users
mailing list