chmod 777

 
Post new topic   Reply to topic    Aprelium Forum Index -> PHP
View previous topic :: View next topic  
Author Message
nrodes
-


Joined: 24 Aug 2008
Posts: 13

PostPosted: Sat Nov 01, 2008 4:32 pm    Post subject: chmod 777 Reply with quote

I am new to web servers and scripts. I'm running Abyss Web Server X2. I'm programming a simple forum on my website. I don't know how to chmod 777. Could somebody help me?
_________________
Thanks
Back to top View user's profile Send private message Visit poster's website
DonQuichote
-


Joined: 24 Dec 2006
Posts: 68
Location: The Netherlands

PostPosted: Sat Nov 01, 2008 9:39 pm    Post subject: Why? Reply with quote

I can hardly imagine that you would want that on a serious webserver. Let me explain:

Each 7 is for a permission category, in the order Owner, Group, Other. 777 means that you want to give them all permission "7". A 7 is a bit flag value:
Read=4, Write=2, Execute=1. Add any of those you want and you get the permission. So 7 means all of them. One extra note: if you want to enter a directory, you need execute rights on it.

On any Unix-style server, the web server runs as a certain user (I called my user "abyssd", because it is the "abyss daemon"). You also log in as yourself when you put your files on the server. Both you and the web server user have groups they belong to. By default, every user belongs to a group with the same name.

So if you want to be able to read the files, write new files (by uploading for instance), and enter directories, you should give yourself (or an uploader's group) full rights (7). A webserver usually needs only read rights on its files (2) and read+execute (3) on the directories. If the webserver needs to write things, the first thing to do is think. This is dangerous. Why does a webserver needs to write files? One of the valid reasons is a file upload through the website. Off course, any uploaded file should be thoroughly checked if it is harmless and should NEVER be granted execute rights. But even without execute rights, files are not harmless. An uploaded PHP file, for instance, will be executed like any other if it can be located from the browser.

That said, Giving lots of files full rights for everybody is plain dangerous. Don't. It is better do determine the rights they really need. Also, uploaded files are first uploaded to the temp directory and then moved to their final location. They web server user is the owner of these files and can set the necessary permissions. There are two tricks to make sure they are given the right group permissions:
first, do a
Code:
chmod g+s your_upload_directory

(where you will have to substitute the real path to the upload directory). This will make sure all files and subdirectories get the same group.
The second trick is to set the umask right. You can do that in PHP. The umask works the same as the rights, but is built up of all rights you want to DENY. So a umask of 777 leaves no rights at all, and a umask of 027 denies execute for groups and leaves no right for others.

If the files are not yours, you will have to become root to change their permissions. If you do not know how to do that, ask your system administrator for help (he will probably rant the above story at you).
Back to top View user's profile Send private message
aprelium
-


Joined: 22 Mar 2002
Posts: 6800

PostPosted: Mon Nov 03, 2008 5:09 pm    Post subject: Re: chmod 777 Reply with quote

nrodes,

Short answer: "chmod" is an operating system issue and is not something that can be done from a Web server. on Windows, there is no "chmod" and you can safely ignore any instruction related to "chmod"ing a file.

For the long answer: We suggest that you refer to the explanation in http://www.aprelium.com/abyssws/faq.html#A2-3 .
_________________
Support Team
Aprelium - http://www.aprelium.com
Back to top View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Aprelium Forum Index -> PHP All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB phpBB Group