My server Admin wants me to set public write permissions on a directory

file-permissions apache-2.2 permissions php vps

Solution 1:

Let's break it down:

You need the user running the script to read, execute and write on the directory, so it should be:

7 = (r)ead,(w)rite,e(x)ecute

Other users belonging to the same group should be able to execute the php file within the directory, but not write to it (for obvious reasons); they don't necessarily need to read the PHP files. Therefore, we need to provide just execute permissions:

1 = e(x)ecute

Same for the public. In fact, that's all you need for external users who need to view php and static files:

1 = e(x)ecute

So the bare minimum should be:

711

I confirmed the above settings with my own configuration, so it should work; however, this is under the default web user. If you are uploading with a login other than www, the files and directories would probably be under a different user. In that case, the default web user may not be able to read or write the files that are owned by you. At that point, you probably need to add the default web user to your group (the sysadmin will have to do that) and then give read, write and execute permissions to users belonging to the group:

771

And that would probably work. Either that, or have the sysadmin change the user and group ownership of those files to the default web server user (but NOT THE PERMISSIONS!). If that still doesn't work, a sample output of the permissions (something like "ls -la within the directory") would help us troubleshoot this further.That said, as long as you only have to give execute permissions to the public (or "other"), you should be fine from a security standpoint.

Solution 2:

Leave it as public, it'll be fine

I reckon it's an ip conflict somewhere in the domain resolution, 
but I'm not worried about it.

This guy is an idiot and this is complete nonsense. Access rights have nothing to do with IP addresess or domain resolution, he is just dropping words.

Given the quality of this "administrator", I would recommend to host your site elsewhere as it is very likely the site is administered very poorly and insecure. Just putting 777 permissions on something so that it works is a sure sign he doesn't understand a bit of what he is doing.

What access rights are really necessary is dependent on the way the system is used and configured and it is kind of hard to tell you something without knowing this.

Related

Setup for high availability virtualized environment
How can I move my deploy key into vagrant?
How can I install MySQL 5.7.9 to Ubuntu 14.04?
Hidden commands on Windows
Comparison of Unix shells
Group of elevators in a building
Plastic silverware - What's that? (American English)
Train Station vs. Railway Station
Word or phrase for non-linear-but-still-greater-than-linear?
What do you call it when you "extend" a word? [closed]
Is the term 'rubric' only used by educators and teachers? [closed]
When someone phrases a question awkwardly to elicit a wrong response