Page 1 of 1
File permissions on a remote server?
Posted: Fri Sep 26, 2003 5:41 am
by Perica
..
Re:File permissions on a remote server?
Posted: Fri Sep 26, 2003 6:21 am
by BI lazy
octal: the octal numbering system represents numbers by digits from 0 to 7.
In UNIX file system security, acess rights are controlled by a combo of Owner, Group, Others. Each of them can (no need) be assigned a value by an octal number - it represents a bitmask:
rwx -> 111 (for each bit set, the right is granted).
owner means: the user logged in who OWNs the file (the user id is inserted in the inode), has the indicated access rights.
Group means: the group the user logged in belongs to (also indicated in the inode for the file) has the access rights indicated in the respective bitmap.
Others: everyone other has the indicated rights on the file. say: chmod 755 <file>: owner has rwx rights, group has rx rights, others have rx rights - in this order the 755 has to be interpreted.
r= read, w=write,x=execute.
I don't know your program, but I recommend you to put ticks in the according boxes.
Hint: if you want you and only you exclusive write rights and the others can only read the documents on the webserver, say chmod 744: owner: rwx, group ---,others r--.
Hope this helps
stay safe
Re:File permissions on a remote server?
Posted: Sat Sep 27, 2003 8:23 am
by Perica
..
Re:File permissions on a remote server?
Posted: Mon Sep 29, 2003 7:58 pm
by Andrew_Baker
Well, actually, files like CGI applications and PHP are executed by the server, so the 'x' comes into play. If you allow "others" to "r"ead, then, yes, anyone can read as long as they have "r"ead access to that directory. Likewise, "w"rite permissions give access to anyone to write to that file assuming they also have permissions to go to that directory. However, just giving "r"ead access to a directory does NOT give read access to every file in the directory.
For an average web-site, you'd want a Public_HTML folder that has completely open "r"ead access, with links to other stuff like PHP that can only be run by the server. If you want people to be able to ftp upload stuff to you, you can create something like a public_FTP directory that allows 'w'rite access.
Re:File permissions on a remote server?
Posted: Tue Sep 30, 2003 12:31 am
by distantvoices
for executing php scripts, the webserver requires also the appropriate execution flags being set for the files.
I think (I remember a bit unsharp for it's now ages I've heard about it...) you need the x-right on a directory not to read it but to traverse throu' ... to reach the next directory below via path indication. You canna read the content of this directory, but you can reach the one below.
Perica, what ftp-client are you using? I don't know about "coloring boxes".
the group .... well, a user, let's call him Mr. T., belongs to the group "wrestlers". This group has access rights on the directory "book keeping": read. Nothing else. The directory belongs to the group "wrestlers", but all the members can only browse the directory. Members of other groups or other users have no rights set, so they canna even access the directory.
In the directory itself, the files also belong to group wrestlers, but also they have owners one different from each other: file "earning_mr. t" belongs to Mr. T. Its owner access rights are set: read/write. Other group members as well as Others can't access this file. But each other group member can access it's own file provided the rights are set correctly.
I hope this isn't too fuzzy an explanation.
stay safe
@thx to Andrew_Baker for helping out