Security risks in setting public_html to 777?

From: Andy Bates (bates_at_mac.com)
Date: 04/01/04


Date: 31 Mar 2004 15:15:21 -0800

I'm running a web server, and I want some CGI scripts to be able to
create files and directories in public_html. To do this, I need to set
permissions for public_html to 777. Are there any security risks in
doing this?

Previously, I had the CGI scripts writing to subdirectories of
public_html, and those were set to 777, although public_html was still
set to 755. Is that the best option, or can I change public_html
without introducing huge security holes?

Thanks for any suggestions!

Andy Bates.



Relevant Pages

  • Re: Security risks in setting public_html to 777?
    ... > I'm running a web server, and I want some CGI scripts to be able to ... Are there any security risks in ... > Andy Bates. ...
    (comp.os.linux.security)
  • Re: Apache running The Gimp
    ... S> that they enable a web server to utilize programs (such as CGI scripts) ... GIMP puts its stuff in $HOME/.gimp-2.2. ... So instead of running gimp ...
    (comp.graphics.apps.gimp)
  • Re: Security risks in setting public_html to 777?
    ... > I'm running a web server, and I want some CGI scripts to be able to ... You'll only need that if the web server is running as a user ... that - as an example, with Apache, suexec can be used to let the cgi apps ...
    (comp.os.linux.security)
  • Re: Bash bug
    ... Macs you have that provide externally accessible services. ... Any CGI scripts that use bash are vulnerable, ... a web server, ...
    (uk.comp.sys.mac)
  • Having trouble allowing cgi script on jessie
    ... Haven't run a web server on my home lan for a while so trying to get ... However it seems *.cgi scripts are not allowed to fire. ... Options Indexes FollowSymLinks ExecCGI ...
    (Debian-User)