0

I have a website where users can crop images. I usually save cropped images under a folder with "755" chmod parameters.

However, when it is 755, it doesn't work. It works when I chmod to 777, and I believe 777 is very insecure, so I don't want to use it.

What could be wrong?

P.S. The system works like this: there are some pictures on the server, PHP allows the user to crop those images, and when they click save, the result should be saved in the "/cropped" folder. It works with 777 but not with 755.

Aris

4 Answers

5

File permissions specify what the file's owner can do, and what others can do (groups, and rest of the world). You still have to specify the correct owner.

You'll probably have to change the folder's owner to your server process' user (maybe www-data, if you're using apache). Then 755 should work.

```bash
chown www-data:www-data /cropped
```

Edit: Use chown -R if there are subfolders inside /cropped and you want to change their permissions as well.

lethal-guitar
  • How can I find which user does PHP run on with Plesk? – Aris Jan 11 '13 at 19:49
  • Usually using FTP you can just change the chmod, and you cannot chown the folders, unless he's using a virtualization/vpc/dedicated hosting – pocesar Jan 11 '13 at 19:51
  • Apache in Ubuntu has `user=www-data` and `group=www-data` _by default_, but if you're not sure, you can check this in **/etc/apache2/envvars** ([from here](http://ubuntuforums.org/showthread.php?t=1293508&p=8123364#post8123364)) – SergO Oct 15 '14 at 09:39
  • @lethal-guitar thank you so much! this works perfectly!! cheers – K-G Apr 18 '16 at 12:35
  • @Aris just create a file and inside put this line of code. – mwangaben Mar 13 '20 at 12:12
3

You already got your answer from other users. So, there's no need for me to further repeat that for you here.

But, you should actually learn what 755 and 777 mean rather than thinking of it as some sort of pseudo-security level setting. 777 does not instantly mean insecure. And quite frankly, I see no immediate issue with you setting your image upload folder as 777.

Owner, root, PHP executor, etc. are not equivalent, though they may be the same.

These words are based in English and you should take them at English value rather than some foreign construct of programming world.

Root user is like a dictator. Whatever he says goes. There's no one who can say otherwise.

When there is an object, there's an owner user. And you set the laws as to what the owner can do: read, write or execute. You can also set laws to what a specific group can do. Lastly, you can also set laws to what everyone else can do.

Now the dictator doesn't go around doing ALL the work. The one running the PHP can be one person. And the one who owns the file can be another. They could certainly be the same person, but such definitions are not equivalent. I hope you see the difference.

Here's another analogy. Think of a private park. If you allow everyone (ie 777) to enter and play in the park, are you posing some sort of a security risk? No. If you have a safe, who would you allow? Just yourself (the owner), right? So, that would be like 700 in linux permissions. No one else has any permission but yourself (except the dictator, because he can come to your house, kill you and take your things if he felt like it).

Grumpy
0

755 means the owner can read/write/execute, groups and everyone (public) can only read/execute. Check the credentials of your httpd. 777 doesn't necessarily mean it's insecure, just make sure to disable parsing of PHP inside that folder using either .htaccess through `-ExecCGI` or `php_flag engine off` or even php.ini configuration (per folder).

You may try 775 to see if the group setting suffices.

pocesar
  • Nope, usually the Apache process has its own user/group, and the `public_html` has root as owner, so Apache can't modify the files, unless you chmod it to – pocesar Jan 11 '13 at 19:46
  • It means the file's owner can do this - who is not necessarily `root`. – lethal-guitar Jan 11 '13 at 19:47
  • 755 means the OWNER can read/write/execute. Members of the owner's group can read and search/execute but not write - same for others. Root (who should NEVER EVER EVER be running PHP or Apache) can always do everything unless special steps are taken. – Ian Jan 11 '13 at 19:48
0

Your /cropped directory needs to be owned by the user who is running PHP.

This is typically www-data, but you need to check your setup.

Ian
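The rule the answers describe (the mode only helps the permission class the PHP user falls into) can be checked before reaching for 777. The script below is an added example, not part of any answer on this page; `ftpuser` is a constructed account name, and `check_dir` assumes GNU `stat` and that the named user exists on the host.

```shell
#!/bin/sh
# Added example: can USER create files in a directory with this mode/owner/group?
# Uses the kernel's first-match rule: owner, else group, else other.

# perm_class OWNER GROUP USER "USER_GROUPS" -> prints owner | group | other
perm_class() {
    if [ "$3" = "$1" ]; then echo owner; return 0; fi
    for g in $4; do
        if [ "$g" = "$2" ]; then echo group; return 0; fi
    done
    echo other
}

# can_create MODE OWNER GROUP USER "USER_GROUPS" -> exit status 0 if allowed.
# Creating a file needs write AND search (execute) on the directory.
# Only the first matching class is consulted; root bypasses these checks.
can_create() {
    case $(perm_class "$2" "$3" "$4" "$5") in
        owner) mask=0300 ;;
        group) mask=0030 ;;
        *)     mask=0003 ;;
    esac
    [ $(( 0$1 & $mask )) -eq $(( $mask )) ]
}

# check_dir DIR USER: the same check against a real directory.
# Assumption: GNU stat (-c) is available and USER exists on this host.
check_dir() {
    mode=$(stat -c %a "$1"); owner=$(stat -c %U "$1"); group=$(stat -c %G "$1")
    ugroups=$(id -Gn "$2")
    class=$(perm_class "$owner" "$group" "$2" "$ugroups")
    if can_create "$mode" "$owner" "$group" "$2" "$ugroups"; then v=can; else v=cannot; fi
    echo "$2 matches '$class' on $1 ($owner:$group $mode) and $v create files"
}

# Constructed scenario from the question: /cropped created by an FTP account
# (hypothetical "ftpuser"), PHP running as www-data with only its own group.
for mode in 755 775 777; do
    if can_create "$mode" ftpuser ftpuser www-data "www-data"; then r=yes; else r=no; fi
    echo "owner=ftpuser mode=$mode php=www-data -> can create: $r"
done
# After `chown www-data:www-data /cropped`, 755 is enough:
if can_create 755 www-data www-data www-data "www-data"; then r=yes; else r=no; fi
echo "owner=www-data mode=755 php=www-data -> can create: $r"
```

On a live host, `check_dir /cropped www-data` reports which class the PHP user matches, which tells you whether a `chown` or a group-writable 775 is the narrower fix.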