Is it safe to chmod a directory 777, or is it a security risk?
One of my scripts requires that in order to run in multi-user situations, and I'm wondering if it's okay.
Asked
Active
Viewed 2,572 times
1 Answers
4
While it is generally considered to be a bad practice, because any user can remove or modify any other users data, it is not such a great risk in itself; or, better said, it all depends on the context. On a machine with a limited number of trusted users this is not really a problem, as long as the script is not world accessible (like a web cgi) or runs as root.
However, there are many ways such a need can be avoided, and if you post some details (why must the script use 777?), we can consider a better solution. One semi-solution is to set the +t bit; that way, any user can write in the directory, but only that user can then remove or modify the created files.
January
- 37,208