In a word, no. In a nutshell: "Hell, no!"
Let it interpret 757: it will be
- owner: read write execute
- groups with file permissions: read-execute
- rest of the weird world: read the record run
Now think about some malicious loading of a short shell script:
Update
Yeah, the folder. Well, here's the deal: if you don't have a run bit set in the directory that blocks the search in the directory. The reason the host asks you to make the world = RWX is because they donβt manage the web server like you do, so they take a simple and dumb route to fix it.
There are two possibilities:
Here's an article on what the best methods are.
Assuming your hosts aren't stupid, see what happens with 775.
source share