Okay I have read a lot of the past threads about permissions and the uploads folder. Basically the way I understand it is no uploads situation done over the web can ever be 100 percent secure because the system has to be given write permission. Fine. But from past responses it seems like people agree the BEST way to go about it is to do the following:
1) Give uploads 777 permissions
2) Upload a photo
3) change the uploads directory back to 755 so that it is not world-writeable
Okay... I am with you guys up until this point. It all makes sense. Except that now I have subfolders called 2007/05 that are both world-writeable (because their parent directory was uploads when ITSELF was world-writeable). So my question is: What is the point in even changing the uploads folder back to 755 when I have these two subfolders that are 777 and whose permissions I am not allowed to change. Isn't that just as bad? Any info would be greatly appreciated!