fedora-list Digest, Vol 6, Issue 369

[Øyvind Lode]

On Tue, 2004-08-31 at 14:23, Øyvind Lode wrote:

> This work just fine but he is worried by the permissions on the file. 
> The guestbook.txt file have the following permissions:
> -rwxr-xrw-
> 
> Owner is the username of my friend and the groupowner is also my 
> friend.
> 
> He have heard someplace that having such a file world writeable is a 
> security risk. He tells me that the file should not be writeable for 
> everyone but it has to be or the php script fails I tell him...

> The only problem is that he doesn't remember how this was done and 
> don't know either...
> 
> How is this done by the Pro's?

: Not sure how the "Pro's" do it, but what you probably need to do is assign
group permissions on the file to the user that : php runs as.  I think it is
the user apache runs as which on fedora is either apache or nobody.  (I
think that depends on : if you installed from source or RPM
: files)

: Then you would need 770 permissions which mean the owner and the group
have read/write permissions and others (the world) : have no permissions on
that file.

: (770 translates to -rwxrwx---)

Hi

Yepp Yepp!!!
This did the trick :-)

Changed group owner to apache (which is the user and group my apache runs
under)
Did'nt find any user/group in the php.conf file so it looks like it using
the same user as the web server - like you said.

I changed the permission to 770 and tested the guestbook and everything
works just fine.

Thanks

-Øyvind