SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    File Permissions on Directories?

    Hi,

    I'd like to allow a script on my server to upload files to the server, and for the public to view the files.
    However, I don't want the public to be able to write files to that folder.

    What CHMOD value would I use to achieve this?


    Many thanks.

  2. #2
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,031
    Mentioned
    152 Post(s)
    Tagged
    2 Thread(s)
    Let me rephrase that:

    "I want people to be able to write to a folder, but I don't want people to be able to write to that folder".

    Sounds like a deadlock to me ...
    Anyone else?
    Rémon - Hosting Advisor

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  3. #3
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Eeeek. My apolgies.

    I want my script on my server to be able to write files to the folder.

    But I don't want scripts, not on the server, to write to it.


    Also, what would be the safest CHMOD value to give, if I just wanted to FTP my files to the server and let public view them?

  4. #4
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,031
    Mentioned
    152 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by invision2 View Post
    Also, what would be the safest CHMOD value to give, if I just wanted to FTP my files to the server and let public view them?
    644, given the FTP uploader is the owner of the file(s).
    Last edited by ScallioXTX; Jan 6, 2010 at 11:52. Reason: Not 755, but 644
    Rémon - Hosting Advisor

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  5. #5
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Cool.

    And 755 wouldn't allow "outsiders" to write files?

  6. #6
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,031
    Mentioned
    152 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by invision2 View Post
    Cool.

    And 755 wouldn't allow "outsiders" to write files?
    I meant 644, and yes, that wouldn't allow outsiders to write the files.
    Rémon - Hosting Advisor

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  7. #7
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Aaaah, OK.

    It's strange though, as I've made one directory '644' and now I get a 'Forbidden' message when I try to view it(?)

    Is that supposed to be the case?

  8. #8
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,031
    Mentioned
    152 Post(s)
    Tagged
    2 Thread(s)
    Quote Originally Posted by invision2 View Post
    Aaaah, OK.

    It's strange though, as I've made one directory '644' and now I get a 'Forbidden' message when I try to view it(?)

    Is that supposed to be the case?
    Wait ...

    It's a directory, not a file /desk ...

    Try 755 for directories and 644 for files ...
    Rémon - Hosting Advisor

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  9. #9
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, a directory.

    755 for directories, 644 files. Sounds good.

    Many thanks for your help with this. It was so close to dinner, I wasn't making any sense

    I think our site got brut3 forc3d hit I've a feeling they got into the administration directory and uploaded a maliscious file to one of my other folders

    That's why I was hoping to quash it if possible.

    So 755 will only allow people to upload files, using a script on my server?

  10. #10
    SitePoint Wizard
    Join Date
    Mar 2008
    Location
    United Kingdom
    Posts
    1,285
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Oh, and if I had super secure scripts(like db connection ones), would I keep these out of the root?

    Thanks again for all your help.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •