Question
This may be a "duh" question for anyone who really understands permissions, but I just want to make sure I'm not doing anything that might hurt later.
If I CHMOD a database file (CSV format) to something like 640, so the public cannot read it, but have PHP files that access it, is that considered a secure way to keep and access a database?
File stucture:
/directory/database.csv (this is 640 or something that prevents public access)
/directory/access.php (the public can only access the database through the interface in this file which reads the info in the "database.csv" file)
Thanks for your help.
Solution
Define secure I guess. Yes it stops OS users other than the owner/users within the group from accessing it, but have you thought about what happens if the hacker gets in via the owner? aka the apache/php user?
To answer your question, yes it is secure on the OS.
https://stackoverflow.com/questions/23502696
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian