11-23-2006
Thanks Blowtorch
Thanks for the reply Blowtorch,
I am still not clear about the answer though... Lets say someone broke into my garage and the files were not chmod'ed 666 or 777, (all files are 644 right now) are you saying that all they can do is look around and read files? But if the files were 666 or 777 they could do whatever they want to?
Are you also saying that it's possible to gain access to public_html (for instance) but not the root directories?
Ok, regarding my partner, he is not computer savvy but he knows a little HTML, SnippetMaster allows users to "edit LIVE html in the page" from their browser, you can define "snippet" areas within a page that are editable, there are different user levels where you can set different rights/areas that they can edit (it's actually very cool!) The user doesn't need to know; how to use FTP, how to upload or how to do other backend tasks, they just log-in and edit parts of a live page in a WYSIWYG editor within their browser. I use a lot of SSI, PHP, JS and CGI code on our web site and it's possible he could really mess things up if he has upload access.
Lastly, let me ask a question, should I absolutely not chmod 666 or 777 my .shtml and .html files? I guess I could chmod only the base html files that I include via SSI but that means a LOT more work for me...
Happy Holidays!
Gary
7 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I've got 100 directories that each have 2 directories with in them.
Structered like this:
/home/domains/domain1/
through to
/home/domains/domain100/
and those 2 directories mentioned above are here:
/home/domains/domain1/directory1/
/home/domains/domain1/directory2/
through to... (7 Replies)
Discussion started by: Neko
7 Replies
2. Solaris
Hello Everyone:
One of our admins here accidently ran chmod -R 777 in the /usr folder on a V440 running Solaris 9. After that no one could run any command and could not login. I fixed most of the things by re-restricting some rights and applying the correct rights. Now there is a problem... (3 Replies)
Discussion started by: muntaser_zaheer
3 Replies
3. UNIX for Dummies Questions & Answers
I can belive I really did this... chmod 777 /home :eek:
I have my /home directory synced to another machine.
Can anyone tell me how to get the permissions from
back up server /home to production server /home
It's important that I dont over write the files on the... (1 Reply)
Discussion started by: shunter63
1 Replies
4. Cybersecurity
User usrA creates dirA directory and runs chmod 777 on the directory. Can usrB issue another 777 on dirA? It appears the answer is no even if the usrA and usrB are part of the same group. I know this is a rare scenario but I just ran across it and found out that usrB receives an error when... (4 Replies)
Discussion started by: zlek131
4 Replies
5. UNIX and Linux Applications
i think it is the same in both... Iam i right? (1 Reply)
Discussion started by: sumaiya
1 Replies
6. Windows & DOS: Issues & Discussions
Hello,
I use windows XP on a small server. Lately I downloaded a software (hydrological computation) which asked me to install as well the software ‘cygwin' (kind of linux in windows environment) and then to perform in cygwin window the command: ‘chmod -R 777 *' in order to give writings... (2 Replies)
Discussion started by: Cedalise
2 Replies
7. UNIX for Dummies Questions & Answers
Hey everyone. I have 2 different linux servers (each one is through a different web hosting company). On both servers I have the exact same PHP file upload script that allows users to upload a file or image to the server (everything on both servers is identical).
On server #1 the "attachments"... (5 Replies)
Discussion started by: Mr.Canuck
5 Replies
CHMOD(3) 1 CHMOD(3)
chmod - Changes file mode
SYNOPSIS
bool chmod (string $filename, int $mode)
DESCRIPTION
Attempts to change the mode of the specified file to that given in $mode.
PARAMETERS
o $filename
- Path to the file.
o $mode
- Note that $mode is not automatically assumed to be an octal value, so to ensure the expected operation, you need to prefix $mode
with a zero (0). Strings such as "g+w" will not work properly.
<?php
chmod("/somedir/somefile", 755); // decimal; probably incorrect
chmod("/somedir/somefile", "u+rwx,go+rx"); // string; incorrect
chmod("/somedir/somefile", 0755); // octal; correct value of mode
?>
man 1 chmod' and ' man 2 chmod'.
<?php
// Read and write for owner, nothing for everybody else
chmod("/somedir/somefile", 0600);
// Read and write for owner, read for everybody else
chmod("/somedir/somefile", 0644);
// Everything for owner, read and execute for others
chmod("/somedir/somefile", 0755);
// Everything for owner, read and execute for owner's group
chmod("/somedir/somefile", 0750);
?>
RETURN VALUES
Returns TRUE on success or FALSE on failure.
NOTES
Note
The current user is the user under which PHP runs. It is probably not the same user you use for normal shell or FTP access. The
mode can be changed only by user who owns the file on most systems.
Note
This function will not work on remote files as the file to be examined must be accessible via the server's filesystem.
Note
When safe mode is enabled, PHP checks whether the files or directories you are about to operate on have the same UID (owner) as the
script that is being executed. In addition, you cannot set the SUID, SGID and sticky bits.
SEE ALSO
chown(3), chgrp(3), fileperms(3), stat(3).
PHP Documentation Group CHMOD(3)