1

I am on a HostGator "Basic" Dedicated linux server.

A current project calls for an image library that is accessible from multiple sites on the server. We are running SuPHP so each site has a different Owner:Group. The requirement is that PHP scripts need to be able to read and write to this folder.

One solution I have found is to put the image library directly inside the Home directory : /home/library/images/ This /library/ dir has 0755 permissions, while the /images/ folder needs to have 0777 permissions. These directories are owned by root:root. Next each site has a symlink pointing to /library/ directory.

This method works perfectly, HOWEVER what are the security implications? Would adding a .htaccess file allowing only images to be displayed + turning PHP parsing off for this directory be enough?

filip
  • 125
  • 6

1 Answers1

1

suPHP requires 644 permissions on files and 755 permissions on folders or apache will throw a 500 error.

Hostgator should be using cPanel which would allow you to create addon-domains under your cPanel->Addon domains option. This would be ideal for adding domains to your account. SuPHP differs from DSO as it REQUIRES your user to call files instead of 'nobody' .

Anything with 777 permissions is a nightmare for security, simply don't do it.

Joey BagODonuts
  • 1,635
  • 2
  • 16
  • 16
  • thanks however apparently somehow I am able to bypass that SuPHP requirement with my setup. Since the /library/ directory is owned by root and it is outside all website DocumentRoots, PHP is able to work in those directories no problem. The sites that will be accessing this directory via symlinks are a combination of unique cPanel sites and cPanel add-on domains. In this scenario is 777 permissions really that bad? – filip Dec 19 '10 at 07:12