Jump to content

Permissions Problem?

Byron

By Byron
in Questions

 Share

Recommended Posts

Byron Explorer

Byron

Posted
Posted

I'm not sure if I have a problem or not so maybe somebody can tell me. Shouldn't a chmod of 600 on this php page deny anybody from viewing it?

 

http://byrondallas.heliohost.org/temp/index.php

 

It denies me with an html page chmoded to 600:

 

http://byrondallas.heliohost.org/temp/index.html

 

Or is that the way php works on a server that runs php as cgi?

 

Thanks,

Byron

 

 

 

 

Link to comment
Share on other sites
Wizard Newbie

Wizard

Posted
Posted
Yeah. 600 only lets owner read/write.

 

But your seeing my php page, right? So that means I (or we) have a permissions problem with php I think. :)

Hm... well a php file is executed... but that doesn't explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index.

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
  • Author
Posted
Hm... well a php file is executed... but that doesn*t explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index.

 

There's no doubt that they are chmoded 600. All of these file are chmoded to 600:

 

http://byrondallas.heliohost.org/temp/index.html

 

http://byrondallas.heliohost.org/temp/index.php

 

http://byrondallas.heliohost.org/temp/info.php

 

If I do a Unix Command on my directory, this is what I get:

 

-rw-r--r-- = 644

-rw------- = 600

-----------------------------------------

-rw-r--r--  1 byron byron  36894 Jul 17 08:08 crowded-house.jpg
-rw-------  1 byron byron   1635 May  9 17:44 index.html
-rw-------  1 byron byron   1075 Sep 20 09:07 index.php
-rw-------  1 byron byron     25 Sep 20 12:33 info.php

 

You might want to try it on your site and see if the same thing happens?

 

Byron

 

 

Link to comment
Share on other sites
Wizard Newbie

Wizard

Posted
Posted
Hm... well a php file is executed... but that doesn*t explain it either. Strange. Are you sure permissions are 600? Also, try with with files other than your index.

 

There's no doubt that they are chmoded 600. All of these file are chmoded to 600:

 

http://byrondallas.heliohost.org/temp/index.html

 

http://byrondallas.heliohost.org/temp/index.php

 

http://byrondallas.heliohost.org/temp/info.php

 

If I do a Unix Command on my directory, this is what I get:

 

-rw-r--r-- = 644

-rw------- = 600

-----------------------------------------

-rw-r--r--  1 byron byron  36894 Jul 17 08:08 crowded-house.jpg
-rw-------  1 byron byron   1635 May  9 17:44 index.html
-rw-------  1 byron byron   1075 Sep 20 09:07 index.php
-rw-------  1 byron byron     25 Sep 20 12:33 info.php

 

You might want to try it on your site and see if the same thing happens?

 

Byron

Lol. Hurray for ls -la!

 

Anyhow, I'm not well versed in php, so I don't have any more insight. -_-

 

My site's currently DOA. ;) I'm just waiting for the old one to expire and then I'll register on the new server.

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
  • Author
Posted
Lol. Hurray for ls -la!

 

Exactly what does that mean?

 

Anyhow, I'm not well versed in php, so I don't have any more insight. -_-

 

You know I really didn't need to go through all of this with you, but since you seemed to think I was to incompitent to know how to chmod files or that I would come over here and post that I had permission problems without making sure my files were actually set to 600 and not something else and now you tell me you don't know anything about php and you don't even have a site to test on LOL. I think next time I'll just wait for djbob's reply. :)

 

Thanks anyway Wizard,

Byron

 

 

Link to comment
Share on other sites
Ashoat Explorer

Ashoat

Posted
Posted

Our PHP is loaded through suPHP, meaning that all PHP files are executed by each account's user. For instance, when your temp/index.php is executed it is loaded by the user "byron", who also happens to own it. This allows for better security and functionality. Since 600 gives read/write permissions to the owner ("byron") and since PHP is executed by your user ("byron"), permission is granted for PHP to read your file.

 

On the other hand, HTML files are served purely by Apache. Apache is run under user "httpd". Since you gave permissions on your temp/index.html only to the user "byron", "httpd" is unable to access the HTML file and gives you an access denied message.

 

If I do a Unix Command on my directory, this is what I get:
Ermm, exactly how are you running Unix commands? They should be disabled under PHP. Did you just put the command under cron or something?
Link to comment
Share on other sites
Byron Explorer

Byron

Posted
  • Author
Posted
Our PHP is loaded through suPHP, meaning that all PHP files are executed by each account's user. For instance, when your temp/index.php is executed it is loaded by the user "byron", who also happens to own it. This allows for better security and functionality. Since 600 gives read/write permissions to the owner ("byron") and since PHP is executed by your user ("byron"), permission is granted for PHP to read your file.

 

So are you saying that everybody should be able to see my php pages when they are chmoded to 600? I take it that your able to see them, right?

 

If I do a Unix Command on my directory, this is what I get:

Ermm, exactly how are you running Unix commands? They should be disabled under PHP. Did you just put the command under cron or something?

 

I'm using a cgi unix command tool. It's a web-based UNIX Shell Interface that uses non-interactive commands only. This is what the info says about it:

 

The Commander is a web-based UNIX shell interface. From a web browser, this script allows you to run UNIX commands on your web host server (depending on the permissions set by your server administrator). This is particularly useful if your domain hosting provider does not allow telnet access. All you need to do is install the script in your CGI-BIN and call it from any web browser.

 

and I have it password protected with .htaccess

 

Byron

 

 

Link to comment
Share on other sites
Ashoat Explorer

Ashoat

Posted
Posted
So are you saying that everybody should be able to see my php pages when they are chmoded to 600? I take it that your able to see them, right?
What do you mean by everyone, and what do you mean by see? Everyone is able to see the executed result of your pages from your website (unless you block their IP or secure through .htaccess or something). Nobody is able to see the source code of your page (except me, but that is irrelevant).

 

What are you trying to accomplish with 600 permissions?

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
  • Author
Posted
What do you mean by everyone, and what do you mean by see? Everyone is able to see the executed result of your pages from your website (unless you block their IP or secure through .htaccess or something). Nobody is able to see the source code of your page (except me, but that is irrelevant).

 

Everyone as in anybody who clicks onto my page url. And yes I understand that no one can see the source code of server side scripting no matter what I chmod it as, but it was my understanding that a permissions of 600 would block world access to the page but allow system access such as a cron job. I know on my old server that a setting of 600 would deny me and everybody else to my php pages but that server ran php as an Apache module. And today when I tried chmodding a file to 600 I found it a little strange that I was able to execute it and thought maybe something was wrong.

 

What are you trying to accomplish with 600 permissions?

 

Nothing really. I just thought since my directory sweeper, (that is run by a cron job) didn't need world access and could have a permission of 600 and cron would still be able to execute it but would keep anybody else from executing it. It's really not that important, I was just concerned that maybe I had permission problems, but if you say that's the way it's supposed to work than that's all that matters. :)

 

Thanks,

Byron

 

 

Link to comment
Share on other sites
Ashoat Explorer

Ashoat

Posted
Posted
but it was my understanding that a permissions of 600 would block world access to the page but allow system access such as a cron job.
That's not quite correct. In UNIX, every file has a single user that owns it and a single group that owns it. The first number is the permission that is given to the user who owns the file, the second number is the permission that is given to the group that owns the file, and the last number is the permission that is given to everyone else. Nobody uses groups much (cPanel has a corresponding group for every user).

 

What do you mean by system access? Cron jobs are run under the user that configures them.

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
  • Author
Posted
What do you mean by system access? Cron jobs are run under the user that configures them.

 

All I meant by system access was that cron would still be able to execute the file even though on my old server the file couldn't be executed by me. This is a php file chmoded to 600 from my old server:

 

http://byrondallas.p4h.biz/php/index.php

 

It's a long story on my old server, even though it's still up and running, it's subject to go down for weeks at a time and there's no administrator or forum for that domain anymore and hasn't been for over a year and that's why I'm with heliohost now and really fortunate (btw) that I found such a really great host. :)

 

Thanks,

Byron

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...