Web lists-archives.com

Re: [PHP] File Permissions?




On Wed, Aug 16, 2017 at 12:43 PM Tedd Sperling <tedd@xxxxxxxxxxxx> wrote:

>
> Adam:
>
> If you set a file to 755, then how does bad guy do bad things with it?
>
> Certainly, with 755 the owner can do anything he wants (read, write,
> execute), but the “group” and “everyone else” can only read and execute (5)
> the file — there is no “write” to the file. Without a “write”, then how can
> a bad guy change/upload a file?


When I get back to my computer in a couple hours, I'll send some exploit
examples :) (I'm out with my daughters for a bit for school shopping)

Adam