Image Upload On-Security Risk? | WordPress.org

Joe
22 years ago

Does anyone know if there is a security risk by turning image upload on? From what I’ve seen, the permissions for the image upload directory has to be set to world writeable 777, as 775 won’t work.
What are the risks of setting directory permissions to 777?

Viewing 2 replies - 1 through 2 (of 2 total)

n0ki
(@n0ki)

22 years ago

mhh…
you only allowed files with extensions like JPG GIF PNG and so on.
so i think it is no security risk.
Ok if a directory on 777 so every user could write on this directory. But nobody could do this from HTTP.
The only choice is that in a script on your Website has a bug that allow that. Only than it is possible from HTTP.

ablewave
(@ablewave)

21 years ago

Hi there. I don’t believe that’s true, or at least there is more to the story. See my other post:

http://wordpress.org/support/topic.php?id=22553#post-170675

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Image Upload On-Security Risk?’ is closed to new replies.

In: Fixing WordPress
2 replies
3 participants
Last reply from: ablewave
Last activity: 21 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics