RE: fedora-list Digest, Vol 6, Issue 369
From: Qyvind_Lode?= (o-lode_at_online.no)
Date: 08/31/04
- Previous message: Mike Ramirez: "Re: Loki games"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <fedora-list@redhat.com> Date: Tue, 31 Aug 2004 23:12:54 +0200
On Tue, 2004-08-31 at 14:23, Øyvind Lode wrote:
> This work just fine but he is worried by the permissions on the file.
> The guestbook.txt file have the following permissions:
> -rwxr-xrw-
>
> Owner is the username of my friend and the groupowner is also my
> friend.
>
> He have heard someplace that having such a file world writeable is a
> security risk. He tells me that the file should not be writeable for
> everyone but it has to be or the php script fails I tell him...
> The only problem is that he doesn't remember how this was done and
> don't know either...
>
> How is this done by the Pro's?
: Not sure how the "Pro's" do it, but what you probably need to do is assign
group permissions on the file to the user that : php runs as. I think it is
the user apache runs as which on fedora is either apache or nobody. (I
think that depends on : if you installed from source or RPM
: files)
: Then you would need 770 permissions which mean the owner and the group
have read/write permissions and others (the world) : have no permissions on
that file.
: (770 translates to -rwxrwx---)
Hi
Yepp Yepp!!!
This did the trick :-)
Changed group owner to apache (which is the user and group my apache runs
under)
Did'nt find any user/group in the php.conf file so it looks like it using
the same user as the web server - like you said.
I changed the permission to 770 and tested the guestbook and everything
works just fine.
Thanks
-Øyvind
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Mike Ramirez: "Re: Loki games"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
