Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New Coder
    Join Date
    Sep 2004
    Posts
    60
    Thanks
    1
    Thanked 0 Times in 0 Posts

    unix permissions questions

    You load file A in your browser which causes file A to open and read the data in file B in directory X.

    What are the minimum permissions file A needs to have?
    What are the minimum permissions file B needs to have?
    What are the minimum permissions directory X needs to have?

    If you have questions you need answered before answering, please ask. Thanks.

  • #2
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    r-x, (5), for directories, r--, (4), for files. As to which, owner, group or other depends on who the user/owner is and who the HTTPD daemon is running as.

  • #3
    New Coder
    Join Date
    Sep 2004
    Posts
    60
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks. I am the owner of the files.

    Chmod-ing directoryX to dr-xr--r-- makes it inaccessible via the browser.

    Chmod-ing it to 445 makes it accessible via the browser. dr--r--r-x

    However, I can't edit the file in the directory with my code editor.

    Chmod-ing directoryX to 545 allows me to edit fileB.

    fileB in directoryX is set to -r-xr--r-- 544

    and that enables me to edit it and read from it with the browser. Anything less causes denials.

    I didn't specify being able to edit the file, but those seem to be the minimal permissions required for the scenario.

  • #4
    New Coder
    Join Date
    Sep 2004
    Posts
    60
    Thanks
    1
    Thanked 0 Times in 0 Posts
    To do the same, but writing instead of reading:

    -rw-r--r-- fileC.php

    drwxr-xr-x directoryY

    -rwxrwxrwx fileD.php (inside directoryY)

  • #5
    Super Moderator
    Join Date
    Feb 2009
    Location
    England
    Posts
    539
    Thanks
    8
    Thanked 63 Times in 54 Posts
    You need to understand user, group and other. You also need to know what your web server (apache, lighttpd, iis) is running as. It's often "nobody" in typical apache configurations, which should fall into "other". In this scenario, you could have:

    A u r-- g r-- o r--
    B u r-- g r-- o r--

    But the folder should technically be possible to have as:
    X u r-- g r-- o r--

    But in reality you'll probably need

    X u r-x g r-x o r-x

    If the web server is configured with "suPHP" or similar and uid/gid match, you can do:

    A u r-- g --- o ---
    B u r-- g --- o ---
    X u r-x g --- o ---
    lamped.co.uk :: Design, Development & Hosting
    marcgray.co.uk :: Technical blog

  • #6
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Have a read of this man page too:

    http://netbsd.gw.com/cgi-bin/man-cgi...NetBSD-current

  • #7
    New Coder
    Join Date
    Sep 2004
    Posts
    60
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks for everyone's replies.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •