Of defaults and permissions in PHP
Posted on February 7, 2004
Filed Under /dev/null/ | 125 views |
I just noticed that the mkdir() function in PHP uses 0777 as the default permission setting. This strikes me as odd since, in years as a PHP developer, I can’t recall ever once wanting to create a directory that was completely wide-open. Almost always it’s been something closer to 0755.
I wonder why 0777 was chosen as the default? I’d consider this a non-critical bug since the mode value is also optional and thus could easily be over-looked by a developer. Seems to me that it opens the door for less-experienced PHP developers, or PHP developers not used to working with Unix file permissions, to automagically create potentially dangerous holes in their sites.