Hi there

I am pretty new to the level of hosting service at Lunarpages and know very little about server side stuff, though I am learning pretty fast lol.

My question/s are rather simple really. A mod for the lunarpages phpbb that a friend wants me to install requires that certain folder/s permissions are set to 777. The mod is to allow files to be uploaded as attachments to forum messages (the mod is File Attachment Mod v2).

I have read elsewhere in the forums that this should be avoided if possible.
Is this a security risk?
If so how big a risk does it pose?

As Stephan said, there's not a whole lot to worry about.

If a car thief really wants a car, he's probably going to get it eventually.

If a hacker really wants access, it's the same thing.  Most hackers (especially the ones that would cause the most damage) know there's nothing to be gained by hacking into most people's websites.  The Justice dept site, well that's another story.

setting 777 for 1 or 2 folders is no big deal, (because of what Stephan said) for things like attachments, or temp files that are promptly deleted.

If you need a writeable place to store more sensitive information, don't make it in your publicly accessible website.  Put it NEXT TO your public_html directory, and that way though scripts on your site can write to it, it's not part of your website that the server is just waiting to serve up to the public.  The full path to this folder would be:
/home/youraccountname/foldername

Although it would be very difficult for somebody without your password to access that folder, the car thief rule above always applies.  It would just take them longer.

Thanks Stephan and Twebman a very complete and very detailed answer  

Gotta love these Lunapages Forums.

Now all thats left is all the fun of the fair installing the MOD (not the best choice for my 1st try LOL)

You guys are sooooooo helpful.

Anyway I hope that this helps someone else with a similar question searching for "777" like I did