CHMOD 777 Arguement

Unlimited Shared hosting & Unlimited Disk Space from $5.95 - Dreamhost
Solid Managed VPS with 4 IP's from $60 - Liquid Web
Lightning Fast Dedicated Servers & 1GB RAM from $149 - Liquid Web
#1 Domain Registration with WHOIS Privacy - Just $9.95

This Hostgator support thread was started by taha116 on 2009-06-23 12:11:46:

Alright, so say I tell you that to have attachments work properly, your attachment folder needs to be 777. The first thing people ask me is…

- Isn’t this a security risk?
The short answer is: no, not really… it isn’t. Keep reading for the long answer.

- So, what, you’re saying EVERYTHING should be 777?!?
Not hardly. Just some things in the forum’s directory. Not, of course, that you should do so with the entire directory - but it won’t matter much if you do, so long as your server is configured reasonably correctly.

- But… wait a minute. The three numbers stand for "Owner," "Group," and "Everyone." Doesn’t that mean anyone can write to the files if I make it 777? (writable by all!?)
Well, technically, yes. But, the person first has to get into your server and be able to touch the file in the first place. They also have to have access to the directory the file is in, and the directory that file is in. At some point, you should have a directory (probably your username) which isn’t 777.

- Isn’t it safer, at least, not to use 777? What if a hacker got in?!
If a hacker gets in and wants to cause you trouble…. there is nothing you can do. You can have the file permissions as strict as you want, but the database will be wide open. So, yeah… you can protect the files that don’t change from being deleted, but not your posts.
Which is more important? The files you can download again from here or the data you cannot get back?

- Isn’t it unlikely a hacker would get into my server so much they could delete posts?
Not that unlikely, but no more or less likely than if they could use 777 to their advantage. Think of the database as ALWAYS 777.

- Doesn’t MySQL have permissions? Can’t I make it so they can’t delete?
The forum won’t work if you do that. It needs to be able to delete. If it can delete, so can the hacker. Dillema, huh?

- I believe you, but my host doesn’t. They don’t want me to make everything 777, they say it’s not safe.
So have them read this. If they can’t refute it, prove it wrong, or at least even challenge it then I guess they have to let you do 777 http://www.simplemachines.org/commun…imple/grin.gif.

- Even if 777 isn’t a problem, why should I bother?
Because it makes things, like for example the package manager and attachments, work better.

Any other questions? (so far I made all these up, sorry if they aren’t realistic http://www.simplemachines.org/commun…ple/tongue.gif.) Feel free to ask and I’ll answer away. I challenge you to prove me wrong…. show me that somehow 777 is all that bad.

From: http://www.simplemachines.org/commun…p?topic=2987.0
By: [Unknown]

This guy has over 34 500 posts on the official SMF site and i would probably trust him with my Site FTP information if it came to it and my credit card information and my life… lol You get the picture. hes not stupid and he is not lieing. Please enable chmodding to 777 this should be more than enough.

I want to sgin up but am hesitant because of the 777 issue

Join in on the original post at the Hostgator Forum, Apply for a Hostgator Account or view our Hostgator Review.