What permissions should I use for a script? Should I make files or directories world-writable (777)?
Some scripts come with instructions suggesting that you should make some files or directories "world-writable" (also known as "mode 666" or "mode 777").
Those instructions are unnecessary. On our servers, nothing should ever need to be world-writable with mode 666 or 777. You should be able to simply ignore that part of the instructions.
We use suExec to run your scripts using your own private user ID on our servers, so your script will have full access to all your private directories without making them world-writable.
Because of that, you can safely use the following permissions:
- Directories should be mode 755 (
- Perl scripts should be mode 755 (
- PHP scripts should be mode 644 (
- Almost all other files, including HTML and image files, should also be mode 644 (
These permissions will work properly for any scripts. Your script will be able to write to these files and directories where necessary, but nobody else will be able to do so.
Note that with the exception of changing Perl scripts to mode 755, these permission settings are usually the defaults when you upload files. In other words, you should not usually need to change the permissions of directories, PHP scripts, or files that your scripts write to.
Why isn't mode 777 necessary at Tiger Technologies?
On a Linux server disk, each directory or file is "owned" by a certain user ID. And when one of your scripts runs, it runs as a certain user ID, too.
On our servers, each customer has a unique user ID, and your scripts run using the same user ID that owns your files.
What's more, your top level Web directory has permissions that prevent other user IDs from reading, writing or viewing "below" that level. Nobody else's scripts run using your private user ID, so they can't see your files.
Giving one of your scripts permission to write to one of your directories is as simple as making the directory mode 755, with the "7" representing write access for any script running as your private user ID. That's the default mode anyway, so it all should work just fine even if you do nothing.
On some other companies' servers, your files are also owned by your individual user ID, but everyone's scripts all run using a single, completely different user ID (often called "apache" or "www-data"). In that situation, the script can read the files of every user ID on the server, but it doesn't have permission to write to any mode 755 directories owned by an individual user ID.
If you want your script to be able to write to your directory at one of these companies, you'll have a problem. The "fix" people usually suggest for this is to change the directory permissions to 777, allowing any other user ID on the system (including the script user ID) to write to it.
Unfortunately, that kind of system is extremely insecure. Not only can everyone else on the server run a script to read the contents of your files (which might contain database passwords and so forth), but if you need your script to be able to write to a directory, you have to let every other user on the server write to it, too. This can be acceptable if you're on a single user dedicated server, but it's completely inappropriate for a "shared hosting" server with many users, which is what most people use.
(We know about PHP's "safe mode", but those kinds of solutions are not secure and cause problems of their own. The proper way to solve this problem, according to PHP's own developers, is using strong operating system file system permissions, as we do. If performance is a concern, you can get almost all of the single user mod_php speed benefits by running PHP scripts using FastCGI.)
When we see script instructions that say "you may need to set the directory to mode 777", without any mention of the risks involved on a shared hosting server, it makes us cringe. The script author is suggesting removing all security from the directory, just in case you're using a server that doesn't properly run your scripts under the same user ID that owns your files. We're amazed that anyone finds that acceptable.
Anyway, none of this is necessary on our servers. Just leave the permissions as described above and you should be fine.
We should also mention that if you do set the permissions of a lower-level directory to 777, that shouldn't cause any problems on our platform, either. That's because your top level Web directory doesn't allow other users to see below that level. However, it's possible to lower the security of your files if you somehow made a lower-level directory mode 777 and you changed the permissions on your top level directory, too. Our system will soon reset the permissions on your top level directory if you do this, but mode 777 is best avoided entirely in most cases.