Byron Posted September 20, 2008 Posted September 20, 2008 I'm not sure if I have a problem or not so maybe somebody can tell me. Shouldn't a chmod of 600 on this php page deny anybody from viewing it? http://byrondallas.heliohost.org/temp/index.php It denies me with an html page chmoded to 600: http://byrondallas.heliohost.org/temp/index.html Or is that the way php works on a server that runs php as cgi? Thanks, Byron
Byron Posted September 20, 2008 Author Posted September 20, 2008 Yeah. 600 only lets owner read/write. But your seeing my php page, right? So that means I (or we) have a permissions problem with php I think.
Wizard Posted September 20, 2008 Posted September 20, 2008 Yeah. 600 only lets owner read/write. But your seeing my php page, right? So that means I (or we) have a permissions problem with php I think. Hm... well a php file is executed... but that doesn't explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index.
Byron Posted September 20, 2008 Author Posted September 20, 2008 Hm... well a php file is executed... but that doesn*t explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index. There's no doubt that they are chmoded 600. All of these file are chmoded to 600: http://byrondallas.heliohost.org/temp/index.html http://byrondallas.heliohost.org/temp/index.php http://byrondallas.heliohost.org/temp/info.php If I do a Unix Command on my directory, this is what I get: -rw-r--r-- = 644 -rw------- = 600 ----------------------------------------- -rw-r--r-- 1 byron byron 36894 Jul 17 08:08 crowded-house.jpg -rw------- 1 byron byron 1635 May 9 17:44 index.html -rw------- 1 byron byron 1075 Sep 20 09:07 index.php -rw------- 1 byron byron 25 Sep 20 12:33 info.php You might want to try it on your site and see if the same thing happens? Byron
Wizard Posted September 20, 2008 Posted September 20, 2008 Hm... well a php file is executed... but that doesn*t explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index. There's no doubt that they are chmoded 600. All of these file are chmoded to 600: http://byrondallas.heliohost.org/temp/index.html http://byrondallas.heliohost.org/temp/index.php http://byrondallas.heliohost.org/temp/info.php If I do a Unix Command on my directory, this is what I get: -rw-r--r-- = 644 -rw------- = 600 ----------------------------------------- -rw-r--r-- 1 byron byron 36894 Jul 17 08:08 crowded-house.jpg -rw------- 1 byron byron 1635 May 9 17:44 index.html -rw------- 1 byron byron 1075 Sep 20 09:07 index.php -rw------- 1 byron byron 25 Sep 20 12:33 info.php You might want to try it on your site and see if the same thing happens? Byron Lol. Hurray for ls -la! Anyhow, I'm not well versed in php, so I don't have any more insight. My site's currently DOA. I'm just waiting for the old one to expire and then I'll register on the new server.
Byron Posted September 21, 2008 Author Posted September 21, 2008 Lol. Hurray for ls -la! Exactly what does that mean? Anyhow, I'm not well versed in php, so I don't have any more insight. You know I really didn't need to go through all of this with you, but since you seemed to think I was to incompitent to know how to chmod files or that I would come over here and post that I had permission problems without making sure my files were actually set to 600 and not something else and now you tell me you don't know anything about php and you don't even have a site to test on LOL. I think next time I'll just wait for djbob's reply. Thanks anyway Wizard, Byron
Ashoat Posted September 21, 2008 Posted September 21, 2008 Our PHP is loaded through suPHP, meaning that all PHP files are executed by each account's user. For instance, when your temp/index.php is executed it is loaded by the user "byron", who also happens to own it. This allows for better security and functionality. Since 600 gives read/write permissions to the owner ("byron") and since PHP is executed by your user ("byron"), permission is granted for PHP to read your file. On the other hand, HTML files are served purely by Apache. Apache is run under user "httpd". Since you gave permissions on your temp/index.html only to the user "byron", "httpd" is unable to access the HTML file and gives you an access denied message. If I do a Unix Command on my directory, this is what I get:Ermm, exactly how are you running Unix commands? They should be disabled under PHP. Did you just put the command under cron or something?
Byron Posted September 21, 2008 Author Posted September 21, 2008 Our PHP is loaded through suPHP, meaning that all PHP files are executed by each account's user. For instance, when your temp/index.php is executed it is loaded by the user "byron", who also happens to own it. This allows for better security and functionality. Since 600 gives read/write permissions to the owner ("byron") and since PHP is executed by your user ("byron"), permission is granted for PHP to read your file. So are you saying that everybody should be able to see my php pages when they are chmoded to 600? I take it that your able to see them, right? If I do a Unix Command on my directory, this is what I get: Ermm, exactly how are you running Unix commands? They should be disabled under PHP. Did you just put the command under cron or something? I'm using a cgi unix command tool. It's a web-based UNIX Shell Interface that uses non-interactive commands only. This is what the info says about it: The Commander is a web-based UNIX shell interface. From a web browser, this script allows you to run UNIX commands on your web host server (depending on the permissions set by your server administrator). This is particularly useful if your domain hosting provider does not allow telnet access. All you need to do is install the script in your CGI-BIN and call it from any web browser. and I have it password protected with .htaccess Byron
Ashoat Posted September 21, 2008 Posted September 21, 2008 So are you saying that everybody should be able to see my php pages when they are chmoded to 600? I take it that your able to see them, right?What do you mean by everyone, and what do you mean by see? Everyone is able to see the executed result of your pages from your website (unless you block their IP or secure through .htaccess or something). Nobody is able to see the source code of your page (except me, but that is irrelevant). What are you trying to accomplish with 600 permissions?
Byron Posted September 21, 2008 Author Posted September 21, 2008 What do you mean by everyone, and what do you mean by see? Everyone is able to see the executed result of your pages from your website (unless you block their IP or secure through .htaccess or something). Nobody is able to see the source code of your page (except me, but that is irrelevant). Everyone as in anybody who clicks onto my page url. And yes I understand that no one can see the source code of server side scripting no matter what I chmod it as, but it was my understanding that a permissions of 600 would block world access to the page but allow system access such as a cron job. I know on my old server that a setting of 600 would deny me and everybody else to my php pages but that server ran php as an Apache module. And today when I tried chmodding a file to 600 I found it a little strange that I was able to execute it and thought maybe something was wrong. What are you trying to accomplish with 600 permissions? Nothing really. I just thought since my directory sweeper, (that is run by a cron job) didn't need world access and could have a permission of 600 and cron would still be able to execute it but would keep anybody else from executing it. It's really not that important, I was just concerned that maybe I had permission problems, but if you say that's the way it's supposed to work than that's all that matters. Thanks, Byron
Ashoat Posted September 21, 2008 Posted September 21, 2008 but it was my understanding that a permissions of 600 would block world access to the page but allow system access such as a cron job.That's not quite correct. In UNIX, every file has a single user that owns it and a single group that owns it. The first number is the permission that is given to the user who owns the file, the second number is the permission that is given to the group that owns the file, and the last number is the permission that is given to everyone else. Nobody uses groups much (cPanel has a corresponding group for every user). What do you mean by system access? Cron jobs are run under the user that configures them.
Byron Posted September 21, 2008 Author Posted September 21, 2008 What do you mean by system access? Cron jobs are run under the user that configures them. All I meant by system access was that cron would still be able to execute the file even though on my old server the file couldn't be executed by me. This is a php file chmoded to 600 from my old server: http://byrondallas.p4h.biz/php/index.php It's a long story on my old server, even though it's still up and running, it's subject to go down for weeks at a time and there's no administrator or forum for that domain anymore and hasn't been for over a year and that's why I'm with heliohost now and really fortunate (btw) that I found such a really great host. Thanks, Byron
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now