Which directories are writable by web server on shared web-hosting?

Question

Currently I'm using shared webhost (Linux) to host my site. I know that anything inside '~/home/my_user_name/www' directory is writable by server. What are the other locations? Basically I want to change default session storage location and probably I shouldn't put it inside www directory.

Edit

Does session saving location has to be web server writable, since session is saved by PHP process?

EDIT 2

How could I give read+write privilege to Apache on /home/my_user_name/tmp directory (tmp dir is outside www directory)?

Answer 1

There is no real "standard" for directories that could be writable by the httpd server : it all depends on which access-rights have been given by the user who owns the directories.

Temporary session files are generally stored in the /tmp directory, which is generally writable by anyone -- but this means your sessions files will be in a directory accessible by other applications and users that are using the same server as you.

As you are running your application from the /home/my_user_name/www directory, a solution might be to create another directory, such as /home/my_user_name/tmp, and give read+write privilege to Apache on this directory -- and, then, configure your application/php so that session files are stored there.

Another solution would be to store the session data in a database : chances are you have a database that other users and applications on your server can't access.