How do you allow PHP to write to a file without compromising server security

Question

How do you allow PHP to write to a file without compromising server security

I often come across negative comments whenever I want a PHP script to write output to a file on the server.

I use functions fopen(), fwrite()and fclose().

The only way I know how to do this is to either set the permissions for the output file to 0666, or use its "nobody" (which is the user that PHP runs on our Apache web server).

So, if “0666” or “belongs to no one” is a security risk, how do you successfully and safely allow a PHP script to write to a file?

Thank you for the joint guidance on this topic.

+5

php apache permissions file-ownership fwrite

H. ferrence Feb 13 '12 at 13:52

source share

2

, , . , , , , ... . .

, , . .

-1

user263688 12 . '17 19:24

Duane Gran · Accepted Answer · 2012-02-13T14:20:10+0000

PHP , , - (apache ) . , , , script . , , . :

. getfile.php?file=1.txt, , 2.txt. Crypt unsequenced.
script, , , , - , , /etc/passwd ... >

PHP, . chmod chown, apache. , cron script ( ) PHP. , , , , .

How do you allow PHP to write to a file without compromising server security

More articles: