My question relates to using php for handling file uploads. Since php runs as user apache, using it to manage file uploads means that I need to give write permissions to the user apache, which is a near-to-nobody user, i.e. 0+w permissions. Now does that not mean that anyone who can run a php script on the server can write to my account?
Is there any configuration setting that I need to fix, for this seems to me to be too trivial to be a bug, but still I know it can be used with fatal effects. Nirnimesh. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
