ckroon
Posts: 869
|
| Posted: 10/01/2010, 4:05 AM |
|
Ok.. so I want to upload some sensitive data using the File Upload Component.
It goes to TEMP then to uploads folder.. I have to set both to 777..
How do I protect these docs?
Can I move the files to a different folder that has 770?
_________________
Walter Kempees...you are dearly missed. |
 |
 |
datadoit
|
| Posted: 10/01/2010, 10:37 AM |
|
You should be able to get away with 755 (-rwxr-xr-x) on your uploads
folder. When the file is uploaded, it goes in with the ownership and
group membership of your web server user (as specified in php.ini,
typically 'apache'). Thus, the 'apache' user can then move the file to
it's permanent home, as long as the uploads folder has ownership of the
same (apache).
|
|
|
|
ckroon
Posts: 869
|
| Posted: 10/01/2010, 1:54 PM |
|
Nope... the CCS file upload component tells me it is Insufficient Permissions.
_________________
Walter Kempees...you are dearly missed. |
|
|
|
datadoit
|
| Posted: 10/01/2010, 2:08 PM |
|
Have you verified that ownership of the uploads folder is the same as
your web server user permissions? apache?
drwxr-xr-x apache apache uploads
|
|
|
|
|
