You have already received a response from other users. Therefore, I no longer need to repeat this for you here.
But you must learn what 755 and 777 mean, and not think of it as some level of psuedo security level. 777 does not mean that it is unsafe. And frankly, I do not see an immediate problem with setting up the folder for downloading images as 777.
owner, root, php executer etc. are not equivalent, but may be the same.
These words are based on English, and you should take them according to the English meaning, and not according to any foreign design of the programming world.
The root user as a dictator. Everything he says is coming. No one can say otherwise.
When there is an object, there is an owner user. And you are setting laws regarding what the owner can do: read, write, or execute. You can also establish laws that certain groups can comply with. Finally, you can also set laws for what everyone else can do.
Now the dictator does not turn around, doing ALL the work. The one that PHP runs on can be one person. And whoever owns the file may be different. They can certainly be the same person, but such definitions are not equivalent. Hope you see the difference.
Here is another analogy. Think of a private park. If you allow everyone (i.e. 777) to enter and play in the park, do you pose any security risk? No. If you have a safe, who would you allow? Only yourself (the owner), right? So it will be like 700 in linux permissions. No one else has any permission except you (except the dictator, because he can come to your home, kill you and take your things if he likes it).
Grumpy Jan 12 '13 at 6:17 2013-01-12 06:17
source share