Issue
On an app I'm working on, when a user registers an account, the registration script is supposed to create two folders for the user. The user's personal folder within a preexisting folder called 'users', and another subfolder within their personal folder called 'images'. However, right now I'm getting an error that states "Warning: mkdir() [function.mkdir]: Read-only file system".
How should I set the parent directory so that it allows the script to create the necessary folders but still be safe from any kind of malicious uploads?
Currently the parent directory is set to (0)755 and the created folders are supposed to be given 0777. Should I change the permissions to the script created folders as well?
Solution
Please read about umask. umask are flags which decide the default permissions of the newly created files and folders. The PHP equivalent is documented here: http://us1.php.net/umask.
Granting 0777 permissions are never advised unless you want to get yourself compromised seriously. Please use 755 permissions for most of the stuff. For sensitive stuff like private keys, make it 600. Public keys get a permission of 644.
Answered By - Chandranshu