SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Enthusiast Jujubee's Avatar
    Join Date
    Mar 2001
    Location
    Canada
    Posts
    98
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've got a script that outputs a file to the disk. Now I will get a "Permission Denied" unless the directory it writes to is 777.

    I thought that since the script was running on the server, it wouldn't need "World write" privileges, but it does. ???

    I'm concerned about security - I don't like leaving directories as world writeable (even though I'm not too sure of the implications).

    Thanks for the help.

  2. #2
    You talkin to me? Anarchos's Avatar
    Join Date
    Oct 2000
    Location
    Austin, TX
    Posts
    1,438
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't know why that would be necessary, but if you make the previous directory readable only to you, it won't matter that everyone can write to the lower directory, because they won't be able to get to it.

  3. #3
    SitePoint Enthusiast
    Join Date
    Nov 2000
    Location
    Allentown PA
    Posts
    41
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It needs to be world writeable because, in general, PHP is run as an Apache module. Therefore, your PHP script runs as (usually) "nobody". "Nobody" doesn't have permission to write to a directory you created unless it's world writeable.

    (I suppose you could create the directory as "nobody", but then you wouldn't be able to do anything to it except through PHP)

  4. #4
    AdSpeed.com Son Nguyen's Avatar
    Join Date
    Aug 2000
    Location
    Silicon Valley
    Posts
    2,241
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'd suggest a 707 instead of 777 if you're on a shared environment
    - Son Nguyen
    AdSpeed.com - Ad Serving and Ad Management Made Easy

  5. #5
    SitePoint Enthusiast Jujubee's Avatar
    Join Date
    Mar 2001
    Location
    Canada
    Posts
    98
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What are the implications of these permissions as it applies to security? Should I be worried?

    Or should I be concentrating on protecting my scripts with PHP authentication?

  6. #6
    SitePoint Wizard silver trophy Karl's Avatar
    Join Date
    Jul 1999
    Location
    Derbyshire, UK
    Posts
    4,411
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK, here goes:

    Ideally the script should be chmod 755, then the script should be chgrp nobody or whatever user you web server runs as. If you need to output multiple files then the best bet would be to do the same process above to the directory the files are written to. You may need your web host to this for you as your username will not be placed in the nobody group.
    Karl Austin :: Profile :: KDA Web Services Ltd.
    Business Web Hosting :: Managed Dedicated Hosting
    Call 0800 542 9764 today and ask how we can help your business grow.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •