J
Jerry
My web app needs to write text and .jpg/.gif files to disk (e.g., the user
can upload photos which are then made available for viewing in the app's
pages). The folder(s) to which the files are written can be placed below the
site root (i.e., "in" the site), or above the site root.
The hosting provider I'm working with insists that the folder to which the
app writes files be placed outside of (above) the site root folder.
I'm just wondering what the security risk is of having the folder in the
site (i.e., below the site root folder).
Is my hosting provider following some well-accepted best practice; or does
it not really matter where the folders are as long as the NTFS permissions
are no more than necessary?
Thanks
can upload photos which are then made available for viewing in the app's
pages). The folder(s) to which the files are written can be placed below the
site root (i.e., "in" the site), or above the site root.
The hosting provider I'm working with insists that the folder to which the
app writes files be placed outside of (above) the site root folder.
I'm just wondering what the security risk is of having the folder in the
site (i.e., below the site root folder).
Is my hosting provider following some well-accepted best practice; or does
it not really matter where the folders are as long as the NTFS permissions
are no more than necessary?
Thanks