问题
Q: What are safe permissions for upload folder and files uploading to that folder ?
Wanted operations:
folder = remove / create
file = create / remove / rename / rewrite
What chmod should I set?
will they work with safe_mode = on ?
回答1:
you can use umask so the permissions are set during file upload and you don't have to change them later.
Back to your question. The default umask is usually 022 (755 for directories, 644 for files). The Other bit is important in order to allow access to a web server.
回答2:
Your web server and thereby your PHP scripts are running as a certain user, typically www-data or something similar. The folder needs to be writable and readable by that user, or by a group that user is part of. Other users/groups do not require access to that folder, so you shouldn't give them any.
Assuming the folder is owned by www-data (or other equivalent user your web server/PHP scripts are running as), the minimum necessary permission is 700 (full access to owner, no permissions for group or others). Depending on your specific setup you may or may not need to give further access to others, only you know. 744 is still pretty "safe", since it only gives read access to other users and I'm assuming the data is not exactly secret to begin with.
来源:https://stackoverflow.com/questions/20325257/php-safe-permissions-for-uploaded-file