[osCommerce] /cache/fancy-data/ and chmod 777
[osCommerce] /cache/fancy-data/ and chmod 777
After a quick look trough my web server files... I have seen some strange php files on my server, in /cache/fancy-data/
Of course, this was possible because the MSU script need to be able to write to this file, but this is a security risk we all have to assume if we need this script or is any way of changing this!?
Every time I add a new product / category, I have to chmod /cache/fancy-data/ to 777.
With the .htaccess file, I can understand... but with this fancy-data... I really need to change this.
Do we have any solution?
Why we don't have a !!warning!! in our install.html from MSU about this possible issue
Best regards
Re: [osCommerce] /cache/fancy-data/ and chmod 777
e-electr wrote:Every time I add a new product / category, I have to chmod /cache/fancy-data/ to 777.
No worry, We can not chmod 755 !!! The worst possible case, a visible warning that our fancy-data/ file is not writable.
We have to stick with a big hole in our web shops?
Please do something guys!
I will be able to pay, as long this issue is corrected. Please!
Best regards,
Re: [osCommerce] /cache/fancy-data/ and chmod 777
It can not be done better way from PHP development point of view, but if you really want to increase your security, there are some extensions such as http://www.suphp.org/ (slower) or http://www.fastcgi.com/ with http://httpd.apache.org/docs/2.0/suexec.html (faster) for PHP improving this behavior.