Thank The Cheese
Registered
Good afternoon,
I'm working on an online newspaper website. I've created a page that allows an authorised person to upload a file to the server (ie. add a new article). To achieve this, I had to change the folder permissions to allow read and write privilages. I'm just wondering what sort of security hazards this allows.
The upload page itself will be password-protected so only authorised people can fill it out and upload a file, but does changing the permissions of a folder leave it open to people to take advantage of in other ways, without the use of the upload page?
I guess what I'm really asking is, is the way I've set this up a perfectly legitimate way of solving the problem, or is it a sloppy way of doing it (and there are better ways)?
Thanks for the help
I'm working on an online newspaper website. I've created a page that allows an authorised person to upload a file to the server (ie. add a new article). To achieve this, I had to change the folder permissions to allow read and write privilages. I'm just wondering what sort of security hazards this allows.
The upload page itself will be password-protected so only authorised people can fill it out and upload a file, but does changing the permissions of a folder leave it open to people to take advantage of in other ways, without the use of the upload page?
I guess what I'm really asking is, is the way I've set this up a perfectly legitimate way of solving the problem, or is it a sloppy way of doing it (and there are better ways)?
Thanks for the help