10-23-2008
Quote:
Originally Posted by
aliahsan81
Ohh yes you are right,i didnt understand your question,yes what you are saying is also perfect.
Thx Neo.
I am not suggesting that you do one, or the other.
I am saying you should do both, (1) use your .htaccess directives and (2) create a crontab to insure all files are not executable. You might also consider changing ownership (chown) of the uploaded files in combination with chmod.
This is called "defense in depth" - using more than one security defense in case the other one fails.
Relying on only one security control creates a higher risk of compromise.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi everyone, I'm a newbie at this. We have a unix web server which has redhat 7.2 on it. It has apache server hosting our website at the moment. This is what I'm trying to do.
Goal: I'm trying to put reports online so when clients come they can read it and what not. I want only clients viewing... (2 Replies)
Discussion started by: crazycelicagts
2 Replies
2. Shell Programming and Scripting
Hi ,
I 'm trying to check if multiple directories exist on a server, if not create the missing ones and print " creating missing directory.
how to write this in a simple script, I have made my code complex
if ; then
taskStatus="Schema extract directory exists, checking if SQL,Count and... (7 Replies)
Discussion started by: ramky79
7 Replies
3. Shell Programming and Scripting
Hello all,
Here's the deal...I have one directory with many subdirs and files.
What I want to find out is who is keeping old files and directories...say files and dirs that they didn't use since a number of n days, only one level under the initial dir. Output to a file.
A script for... (5 Replies)
Discussion started by: ejianu
5 Replies
4. Shell Programming and Scripting
Hi ,
I am very new to unix as well as shell scripting. I have to write a script for the following requirement.
In a particular mount, have to list all the directories and sub directories along with size of the directory and sub directory in ascending order.
Please help me in this regard and many... (4 Replies)
Discussion started by: nmakkena
4 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
Using grep command, i want to find the pattern of text in all directories and sub-directories.
e.g: if i want to search for a pattern named "parmeter", i used the command
grep -i "param" ../*
is this correct? (1 Reply)
Discussion started by: vinothrajan55
1 Replies
6. Shell Programming and Scripting
Can anyone come up with a unix command that lists
all the files, directories and sub-directories in the current directory
except a folder called log.?
Thank you in advance. (7 Replies)
Discussion started by: Manjunath B
7 Replies
7. Red Hat
whats the use of this create mask = 0777
wht means mask ? (3 Replies)
Discussion started by: babinlonston
3 Replies
8. UNIX for Dummies Questions & Answers
It is for HP-Unix B.11.31.
Requirement:
1. List the directories, having given pattern in the directories name, sorted by creation date.
Example: Directories with name "pkg32*" or "pkg33*"
2. On the output of 1. list the directories by creation date as sort order, with creation date... (2 Replies)
Discussion started by: Siva SQL
2 Replies
9. Solaris
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. This is for Solaris. Please help. (1 Reply)
Discussion started by: blinkingdan
1 Replies
GZEXE(1) General Commands Manual GZEXE(1)
NAME
gzexe - compress executable files in place
SYNOPSIS
gzexe name ...
DESCRIPTION
The gzexe utility allows you to compress executables in place and have them automatically uncompress and execute when you run them (at a
penalty in performance). For example if you execute ``gzexe /usr/bin/gdb'' it will create the following two files:
-rwxr-xr-x 1 root root 1026675 Jun 7 13:53 /usr/bin/gdb
-rwxr-xr-x 1 root root 2304524 May 30 13:02 /usr/bin/gdb~
/usr/bin/gdb~ is the original file and /usr/bin/gdb is the self-uncompressing executable file. You can remove /usr/bin/gdb~ once you are
sure that /usr/bin/gdb works properly.
This utility is most useful on systems with very small disks.
OPTIONS
-d Decompress the given executables instead of compressing them.
SEE ALSO
gzip(1), znew(1), zmore(1), zcmp(1), zforce(1)
CAVEATS
The compressed executable is a shell script. This may create some security holes. In particular, the compressed executable relies on the
PATH environment variable to find gzip and some standard utilities (basename, chmod, ln, mkdir, mktemp, rm, sleep, and tail).
BUGS
gzexe attempts to retain the original file attributes on the compressed executable, but you may have to fix them manually in some cases,
using chmod or chown.
GZEXE(1)