Look in you apache.conf file and find out what user the web server runs as, then give that user the right to write to that directory, probably through a group used for nothing else is most secure.
Brian Mauter wrote: >To get around this, I made a small shell script which runs as root. The php >page calls the script via the system call. All the shell script does is >move a specific file from tmp to a specific location. > >I'm probably asking for someone to exploit it, but I don't know exactly what >they can do. > >-Brian > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]