Why is chmod 777 Dangerous in PHP / Apache / Linux?

Understanding the Dangers of chmod 777 in PHP / Apache / Linux

Despite warnings against assigning 777 permissions to Linux-based web hosting, the exact vulnerabilities remain unclear. This article seeks to elucidate the risks specifically within a PHP / Apache context.

PHP scripts can indeed be executed externally via the web server or the command-line interpreter, regardless of their executable status. However, 777 permissions introduce a significant threat: they allow other users on the same machine to access files with world write capabilities.

Consider this scenario:

1. An unprotected directory allows user uploads.
2. Users upload an executable shell script and a PHP file containing a system() call to the shell script.
3. By visiting the PHP script's URL in a browser, the shell script is executed.

With 777 permissions, anyone, including the Apache user executing the PHP script, can execute the shell script. If the executable bit were not set on the directory or the files within, this action would not occur.

It's important to note that it's not the PHP file's permissions that pose the threat. Rather, it's the system() call that executes a Linux system call under the Apache user (or whoever is executing Apache). This is where the execution bit becomes critical.

The above is the detailed content of Why is chmod 777 Dangerous in PHP / Apache / Linux?. For more information, please follow other related articles on the PHP Chinese website!