permissions problem

  • veg_all@yahoo.com

    permissions problem

    I am writing a simple script that needs to read data from a file, say
    foo.txt. When the script is called the server is run as 'nobody'. So I
    chmod foo.txt to 606 so that nobody can read and write to it. The
    problem with 606 is that now anyone can simply type in the URL to
    foo.txt, i.e. http://mysite.com/foo.txt, and read its contents. How can
    I prevent this? I suppose I could rename it to foo.php instead?

  • Jerry Stuckle

    #2
    Re: permissions problem

    veg_all@yahoo.com wrote:
    > I am writing a simple script that needs to read data from a file, say
    > foo.txt. When the script is called the server is run as 'nobody'. So I
    > chmod foo.txt to 606 so that nobody can read and write to it. The
    > problem with 606 is that now anyone can simply type in the URL to
    > foo.txt, i.e. http://mysite.com/foo.txt, and read its contents. How can
    > I prevent this? I suppose I could rename it to foo.php instead?

    Don't have the file within your web site root directory. Or use Apache
    configuration/.htaccess to block access to the file through the web. Or
    change the script that reads it to run as another user.

    All kinds of possibilities.

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    jstucklex@attglobal.net
    ==================


    • veg_all@yahoo.com

      #3
      Re: permissions problem


      Jerry Stuckle wrote:
      > Don't have the file within your web site root directory. Or use Apache
      > configuration/.htaccess to block access to the file through the web. Or
      > change the script that reads it to run as another user.
      >
      > All kinds of possibilities.

      Those probably would work but are a little more maintenance than I had
      in mind. Anything simpler we may be overlooking?


      • Jerry Stuckle

        #4
        Re: permissions problem

        veg_all@yahoo.com wrote:
        > Jerry Stuckle wrote:
        >> Don't have the file within your web site root directory. Or use Apache
        >> configuration/.htaccess to block access to the file through the web. Or
        >> change the script that reads it to run as another user.
        >>
        >> All kinds of possibilities.
        >
        > Those probably would work but are a little more maintenance than I had
        > in mind. Anything simpler we may be overlooking?

        Not if it's in the docroot and you let everyone have read access to it.

        Placing it outside the document root should have zero maintenance. If
        it's always the same filename, setting up .htaccess has zero
        maintenance. Making the script run as another user has zero maintenance.

        --
        ==================
        Remove the "x" from my email address
        Jerry Stuckle
        JDS Computer Training Corp.
        jstucklex@attglobal.net
        ==================


        • veg_all@yahoo.com

          #5
          Re: permissions problem


          Jerry Stuckle wrote:
          > Placing it outside the document root should have zero maintenance. If
          > it's always the same filename, setting up .htaccess has zero
          > maintenance. Making the script run as another user has zero maintenance.

          These are all one extra thing you need to do to get the script to run.
          I need to be able to set up the script on a different server often, so
          this would add to the checklist. Hence I am looking for the easiest
          solution that would not require me to make additional changes.


          • Jerry Stuckle

            #6
            Re: permissions problem

            veg_all@yahoo.com wrote:
            > Jerry Stuckle wrote:
            >> Placing it outside the document root should have zero maintenance. If
            >> it's always the same filename, setting up .htaccess has zero
            >> maintenance. Making the script run as another user has zero maintenance.
            >
            > These are all one extra thing you need to do to get the script to run.
            > I need to be able to set up the script on a different server often, so
            > this would add to the checklist. Hence I am looking for the easiest
            > solution that would not require me to make additional changes.

            So you're changing the conditions now. This isn't the same problem you
            originally started with.

            Well, you're going to have to do something anyway. Renaming it to .php
            won't do a thing unless it's php code. And it has to go someplace.
            Outside the server root directory is as good of a place as any.

            --
            ==================
            Remove the "x" from my email address
            Jerry Stuckle
            JDS Computer Training Corp.
            jstucklex@attglobal.net
            ==================


            • Sandman

              #7
              Re: permissions problem

              In article <1159235397.971519.254830@h48g2000cwc.googlegroups.com>,
              veg_all@yahoo.com wrote:
              > Jerry Stuckle wrote:
              >> Placing it outside the document root should have zero maintenance. If
              >> it's always the same filename, setting up .htaccess has zero
              >> maintenance. Making the script run as another user has zero maintenance.
              >
              > These are all one extra thing you need to do to get the script to run.
              > I need to be able to set up the script on a different server often, so
              > this would add to the checklist. Hence I am looking for the easiest
              > solution that would not require me to make additional changes.

              Eh, he is giving you the solutions that apply to your problem. How
              that affects your workflow wasn't known and isn't his problem. If the
              file is in the docroot, people will be able to read it. Keep sensitive
              data out of the docroot. Run sensitive scripts as another user, use
              .htaccess if you must have it in the docroot.


              --
              Sandman[.net]
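
The two conditions discussed in this thread (a data file sitting under the document root, and mode 606 leaving it open to "other") can be checked as one step of a deployment checklist. This is an added example, not part of any post above; the function names, return codes and temporary directory layout are assumptions constructed for illustration:

```shell
#!/bin/sh
# Added example: audit where a script's data file lives and who can reach it.
# canon_dir, check_data_file and the return codes are hypothetical names.

# Print the physical (symlink-resolved) absolute path of a directory.
canon_dir() {
    (cd "$1" 2>/dev/null && pwd -P)
}

# check_data_file DOCROOT FILE
#   0: outside the docroot and not accessible to "other"
#   1: under the docroot (served by URL unless the server blocks it)
#   2: outside the docroot, but "other" has read or write (e.g. mode 606)
#   3: docroot or file not found
check_data_file() {
    docroot=$(canon_dir "$1") || return 3
    [ -f "$2" ] || return 3
    filedir=$(canon_dir "$(dirname "$2")") || return 3
    case "$filedir/" in
        "$docroot"/*) return 1 ;;
    esac
    # POSIX find: -perm -004 / -002 test the "other" read and write bits.
    if [ -n "$(find "$2" -prune \( -perm -004 -o -perm -002 \) -print)" ]; then
        return 2
    fi
    return 0
}

# Constructed demo layout: one copy in the docroot, one in a sibling directory.
demo=$(mktemp -d)
mkdir -p "$demo/site/htdocs" "$demo/site/data"
: > "$demo/site/htdocs/foo.txt"; chmod 606 "$demo/site/htdocs/foo.txt"
: > "$demo/site/data/foo.txt";   chmod 600 "$demo/site/data/foo.txt"
for f in htdocs/foo.txt data/foo.txt; do
    rc=0
    check_data_file "$demo/site/htdocs" "$demo/site/$f" || rc=$?
    echo "$f -> $rc"
done
rm -rf "$demo"
```

A mode 600 file is usable by the script only when it is owned by the account the script runs as ('nobody' in the thread).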
