On 18 Mar 2007 09:16:35 -0700, Jordi <[EMAIL PROTECTED]> wrote:
> Hello, I have a web server in my PC. I need to chmod the files correctly
> so I don't have a security risk. I am using a CMS for the website. I have
> full access to my PC, as it is in my house, and I can manipulate it
> through keyboard, so I have no problem to change the chmod to the most
> restrictive ones. I have these:
>
> 1) The config file, which I chmod 444. This way is readable for all, but
> can't be executed or written. What does this mean? People can read the
> password and user and other data there? Should I chmod that to 400? So no
> one, except me, can read it?

Usually the Web server is "others" if properly set up, so its accessibility to the files that are owned by you is controlled by the third digit. So the permission of the config file should be set to 444 (or 644) if it is to be read by the Web server. The password should be in the script. It will be read and parsed by the interpreter so the Web users cannot see it if the CMS is properly written.

> 2) The folders that users need to write to. For example where they
> upload the images or files that are public. I should chmod them to 777.
> Is this right?

Right. The third digit should be 7 so that the Web server can write to it.

> 3) The rest of the website folders. I think they are well chmod 755.
> This means I can write, and the other can open or execute.

I think 755 is all right. The execute bit for a directory means the permission of going into the directory.

> I think this is not a good setup. Maybe, I can do a more restrictive
> setup that permits all people look at the website, use it. Remember, I
> have those 3 pieces: the config, the users folders and the rest.
> Are those chmod ok?
> Should I do a different chmod for files and folders? How?
>
> Thanks
> Jordi
-- Cheers, Wei http://www.acplex.com/people/wchen/
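
The three permission sets discussed in this thread, applied to a constructed directory tree and read back, as an added example that is not part of either message. The names `config.php`, `uploads` and `pages` and the helper functions are assumptions; the script reports what the third digit grants to "others" for a file versus a directory and lists what is writable by others.

```shell
#!/bin/sh
# Build a constructed demo site with the modes from the thread.
demo_site() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/uploads" "$root/pages"
    printf '<?php $db_pass = "example"; ?>\n' > "$root/config.php"  # constructed content
    printf '<html></html>\n' > "$root/pages/index.html"
    chmod 444 "$root/config.php"          # 1) config file
    chmod 777 "$root/uploads"             # 2) folder users write to
    chmod 755 "$root" "$root/pages"       # 3) the rest of the folders
    chmod 644 "$root/pages/index.html"
    printf '%s\n' "$root"
}

# Third permission triplet ("others") as shown by ls, e.g. r-x
others_bits() { ls -ld -- "$1" | cut -c8-10; }

# Say what that triplet means; the bits mean different things on a directory.
explain() {
    bits=$(others_bits "$1"); r=no; w=no; x=no
    case $bits in r??) r=yes ;; esac
    case $bits in ?w?) w=yes ;; esac
    case $bits in ??x) x=yes ;; esac
    if [ -d "$1" ]; then
        printf '%s: others=%s list=%s create/delete=%s enter=%s\n' "$1" "$bits" "$r" "$w" "$x"
    else
        printf '%s: others=%s read=%s write=%s execute=%s\n' "$1" "$bits" "$r" "$w" "$x"
    fi
}

# Paths under $1 (relative to it) that "others" may write to.
world_writable() {
    (cd "$1" && find . ! -type l -perm -0002 | sed 's|^\./||')
}

site=$(demo_site)
for p in config.php uploads pages pages/index.html; do
    explain "$site/$p"
done
echo "writable by others:"
world_writable "$site"
rm -rf "$site"
```
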