Dear List -
Tried to run the program, that we have been discussing, and received a
403 error.
rosenberg:/var/www# ls -la StoreInventory.php
-rwxrwxrw- 1 ethan ethan 4188 Aug 26 20:26 StoreInventory.php
rosenberg:/var# ls -ld www
drwxrwxrw- 37 ethan ethan 20480 Aug 26 20:26 www
I had set the
If your web-server is setup to read files with .php extension
through PHP engine (it is I guess)
than no body from outside (using HTTP) can't read content of
original PHP file only the output of that particular script.
The only concern you may have is that somebody else on that server
can
Bojan Tesanovic wrote:
Heh you are really new to Linux
permissions on linux are set per user/group/other bases
so for most secure set permissions to read only for web-server user
so
chown 'webserveruser' file.php
chmod 400 file.php
make sure you have root access at server so you can change
Heh you are really new to Linux
permissions on linux are set per user/group/other bases
so for most secure set permissions to read only for web-server user
so
chown 'webserveruser' file.php
chmod 400 file.php
make sure you have root access at server so you can change that file
or make a group
Hi,
I'm very new to php.
One thing I noticed in order to run the php program (on a linux server) I
need to set the read permission
for Other.
In this program I'll have the MySQL credentials defined.
Are there are any security concerns when the read permission
is set like this. Wouldn't it be
On Thu, August 9, 2007 8:15 pm, jekillen wrote:
>
> On Aug 8, 2007, at 9:34 PM, Richard Lynch wrote:
>
>> On Wed, August 8, 2007 7:52 pm, jekillen wrote:
>> Apache runs as the "User" setting in httpd.conf
>>
>> If that "User" can rwx the files, then PHP can rwx the files.
>>
>> If not, not.
>>
>> I
On Aug 8, 2007, at 9:34 PM, Richard Lynch wrote:
On Wed, August 8, 2007 7:52 pm, jekillen wrote:
I have a question about including php files that are outside of
the web server document root. What permission does Apache
use to access files outside of the document root?
Here is the situation:
I
On Wed, August 8, 2007 7:52 pm, jekillen wrote:
> I have a question about including php files that are outside of
> the web server document root. What permission does Apache
> use to access files outside of the document root?
> Here is the situation:
> I want to store sensitive data such as login/p
jekillen wrote:
Hello again;
I have a question about including php files that are outside of
the web server document root. What permission does Apache
use to access files outside of the document root?
Same as inside the document root afaik.
I want to store sensitive data such as login/pw data
Hello again;
I have a question about including php files that are outside of
the web server document root. What permission does Apache
use to access files outside of the document root?
Here is the situation:
I want to store sensitive data such as login/pw data for
registered users. I also want to
On 3/23/07, Jim Lucas <[EMAIL PROTECTED]> wrote:
Rahul Sitaram Johari wrote:
> Ave,
>
> I¹m not sure if anyone here is going to be able to help, but I¹ve run into a
> permissions snag.
> I have Apache Web Server running on Mac OS X with PHP. I have a folder on a
> windows machine mounted on my Ma
Rahul Sitaram Johari wrote:
Ave,
I¹m not sure if anyone here is going to be able to help, but I¹ve run into a
permissions snag.
I have Apache Web Server running on Mac OS X with PHP. I have a folder on a
windows machine mounted on my Mac OS X as a share using the ³mount t smbfs
//[EMAIL PROTECT
Ave,
I can't believe I'm saying this, but SOLVED it!
Took me about 6 hours, and this one website, with this one little snippet in
one corner of a black & white page on the ENTIRE Internet gave me a solution
with this guy who had the same problem - and he wrote "fixed it for me, hope
it helps some
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
Ave,
> But i think that when remounting the partitition, the permissions are reset
too.
Unfortunately you're absolutely right! The share is re-mounted on a daily
basis (along with a reboot), and thus, even if the 'copy, delete from
ser
Ave,
> But i think that when remounting the partitition, the permissions are reset
too.
Unfortunately you're absolutely right! The share is re-mounted on a daily
basis (along with a reboot), and thus, even if the 'copy, delete from
server, copy to server' process were to work, with every unmount
On 3/22/07, Al <[EMAIL PROTECTED]> wrote:
Get a copy of WinSCP3 or FileZilla ftp utilities, both are free. They will show
you who the owner is for the dirs and files. You can also use a SSH shell
command; but, unless you are already familiar with Unix commands, using the
utilities will be a lot
Get a copy of WinSCP3 or FileZilla ftp utilities, both are free. They will show
you who the owner is for the dirs and files. You can also use a SSH shell
command; but, unless you are already familiar with Unix commands, using the
utilities will be a lot easier and quicker.
To change a file o
Yes, it does appear that samba on mac os x is not taking any configuration
options. I tried different options for the mount_smbfs command which does
have very specific user/owner/group related permissions options - but all
give me the same "operation not supported" error.
Let me take a closer loo
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
Ave,
Certainly looks very promising, but is giving me:
mount_smbfs: -o fmask=: option not supported
Let me google it too, see what I can come up with. Appreciate it a lot mate.
Hmm, i googled a little bit, and i found a norwegian sit
Well chmod is certainly not doing anything. I tried that to begin with. I
don't get an error, but it doesn't change any permissions. Just doesn't do
anything to the permissions of the file/folder. Like it's just ignored.
I did it as root using sudo.
On 3/22/07 12:18 PM, "Tijnema !" <[EMAIL PROT
Ave,
Certainly looks very promising, but is giving me:
mount_smbfs: -o fmask=: option not supported
Let me google it too, see what I can come up with. Appreciate it a lot mate.
On 3/22/07 12:48 PM, "Tijnema !" <[EMAIL PROTECTED]> wrote:
> On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> w
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
Well chmod is certainly not doing anything. I tried that to begin with. I
don't get an error, but it doesn't change any permissions. Just doesn't do
anything to the permissions of the file/folder. Like it's just ignored.
I did it as ro
Ave,
"Or make sure the user apache runs on has write access to the share."
That's the problem I'm facing. I'm not sure how to do that. If I'm not
mistaken, Apache runs as user "nobody" on my Mac, but I don't know how to
give that user write access on the Windows Machine.
Yes, it is quite compli
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
Ave,
"Or make sure the user apache runs on has write access to the share."
That's the problem I'm facing. I'm not sure how to do that. If I'm not
mistaken, Apache runs as user "nobody" on my Mac, but I don't know how to
give that user
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
rahul:~/Documents/XFER rjohari$ ls -la osm
total 26548
drwxr-xr-x 1 rjohari rjohari16384 31 Dec 1969 .
drwxr-xr-x 5 rjohari rjohari 170 22 Mar 12:08 ..
-rwxr-xr-x 1 rjohari rjohari21508 13 Sep 2006 .DS_Store
[snip]
rahul:~/Documents/XFER rjohari$ ls -la osm
total 26548
drwxr-xr-x 1 rjohari rjohari16384 31 Dec 1969 .
drwxr-xr-x 5 rjohari rjohari 170 22 Mar 12:08 ..
-rwxr-xr-x 1 rjohari rjohari21508 13 Sep 2006 .DS_Store
-rwxr-xr-x 1 rjohari rjohari 82 14 Sep 2006 ._Temporary Items
On 3/22/07, Rahul Sitaram Johari <[EMAIL PROTECTED]> wrote:
Ave,
I¹m not sure if anyone here is going to be able to help, but I¹ve run into a
permissions snag.
I have Apache Web Server running on Mac OS X with PHP. I have a folder on a
windows machine mounted on my Mac OS X as a share using the
Ave,
I¹m not sure if anyone here is going to be able to help, but I¹ve run into a
permissions snag.
I have Apache Web Server running on Mac OS X with PHP. I have a folder on a
windows machine mounted on my Mac OS X as a share using the ³mount t smbfs
//[EMAIL PROTECTED]/ShareName Share².
The ³us
On Fri, April 21, 2006 3:48 pm, Benjamin Adams wrote:
> I have a text file that is just being read by php
> Can I change the permissions of it so www can not read it?
Yes.
Then PHP cannot read it, if your setup is what I think it is...
> what username does php uses to read files?
That depends.
Benjamin Adams wrote:
I have a text file that is just being read by php
Can I change the permissions of it so www can not read it?
what username does php uses to read files?
Use a .htaccess file, if your web server supports it.
For example, in apache2 you can do this:
Order Allow,Deny
Benjamin Adams wrote:
I have a text file that is just being read by php
Can I change the permissions of it so www can not read it?
what username does php uses to read files?
Usually www, so you could have a bit of a problem there. PHP runs under
the same user Apache does, although there are wa
I have a text file that is just being read by php
Can I change the permissions of it so www can not read it?
what username does php uses to read files?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
For our company's intranet, I've turned on Windows Authentication in IIS
so that I can automatically capture the network username for everyone
hitting our website. It works well, but I'm having a problem with file
permissions now.
PHP normally executes the page request with the "Intranet Guest Us
Jason, Hugh, John,
Thanks for all your help. And thanks Hugh for sending me your FTP
script.
It turns out that the chmod() command was the magic bullet I was
looking for. By placing
chmod ($imageName, 0777)
... into the script right after it places the uploaded file in it's
destinati
On Sunday 30 January 2005 23:04, Dave wrote:
> I'm not sure what you mean when you say "use PHP's FTP". I'm using
> $HTTP_POST_FILES because the files are retrieved through a web form.
What is meant by that is that after the file is uploaded, during your
processing of the upload file, instea
John, Hugh,
I'm not sure what you mean when you say "use PHP's FTP". I'm using
$HTTP_POST_FILES because the files are retrieved through a web form.
As for the user, I would assume that it's whatever default for any
viewer coming to a web page. I have people log in using a user name and
pas
Dave wrote:
PHP List,
The Situation:
I am building a content management system where users can, among
other things, upload images into a directory.
The Problem:
The image uploads fine, but once it's there, it can't be over
written. So if a user uploads an image, and then changes his
Use php's ftp commands.
Hugh
- Original Message -
From: "Dave" <[EMAIL PROTECTED]>
To:
Sent: Saturday, January 29, 2005 11:11 AM
Subject: [PHP] Permissions on uploaded image don't allow for over writing
PHP List,
The Situation:
I am building a conte
PHP List,
The Situation:
I am building a content management system where users can, among
other things, upload images into a directory.
The Problem:
The image uploads fine, but once it's there, it can't be over
written. So if a user uploads an image, and then changes his or her mind
Sorry,
I do not know the exect anaswer but i have one rough idea that in PHP we have
one function by which we can run the linux command like
fun_name("")
Actually i used this function long before so i forgot
we can use chmod 777 to our file or any command to change the permissionand by
this w
Hi Phil,
Phil Ewington - 43 Plc wrote:
Hi All,
I have a need for a PHP application to read/write Linux system files that
have root.root ownership. At present reading not a problem but writing
obviously is denied. I know there are probably some serious security issues
here, but what should I be doin
[snip]
I have a need for a PHP application to read/write Linux system files
that
have root.root ownership. At present reading not a problem but writing
obviously is denied. I know there are probably some serious security
issues
here, but what should I be doing to allow this behaviour. I am running
Hi All,
I have a need for a PHP application to read/write Linux system files that
have root.root ownership. At present reading not a problem but writing
obviously is denied. I know there are probably some serious security issues
here, but what should I be doing to allow this behaviour. I am runnin
Jason Wong wrote:
> On Tuesday 13 January 2004 06:46, Jas wrote:
>
> [Please trim your posts!]
>
>
>>Just tried that and I am getting the same error. I guess what I am
>>really looking for is a way to have apache restart the service without
>>adding the apache user in the 'sudoers' file.
>
>
On Tuesday 13 January 2004 06:46, Jas wrote:
[Please trim your posts!]
> Just tried that and I am getting the same error. I guess what I am
> really looking for is a way to have apache restart the service without
> adding the apache user in the 'sudoers' file.
If you really must restart system
Jake McHenry wrote:
- Original Message -
From: "Jas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 12, 2004 4:47 PM
Subject: [PHP] permissions with bash scripts in php?
Something I have never tried... seems fairly straight-forward but I am
run
- Original Message -
From: "Jas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 12, 2004 4:47 PM
Subject: [PHP] permissions with bash scripts in php?
> Something I have never tried... seems fairly straight-forward but I am
> running into
Something I have never tried... seems fairly straight-forward but I am
running into problems.
My problem is that I need to call system to restart a daemon service
like so...
$cmd = "/path/to/shell/script/script.sh";
system($cmd . " &> /tmp/error ");
?>
Script contains this command...
#!/bin/ba
On Wednesday 26 November 2003 02:38, Robin Kopetzky wrote:
> I have a program that is trying to write to a directory on a Windows server
> and I don't know how to setup the permissions to read/write/delete just
> from this directory. I have it permissions set to 'Everyone' but that
> doesn't work.
Robin Kopetzky wrote:
Good Morning/Afternoon.
I have a program that is trying to write to a directory on a Windows server
and I don't know how to setup the permissions to read/write/delete just from
this directory. I have it permissions set to 'Everyone' but that doesn't
work.
Help?!?!
If you are
Good Morning/Afternoon.
I have a program that is trying to write to a directory on a Windows server
and I don't know how to setup the permissions to read/write/delete just from
this directory. I have it permissions set to 'Everyone' but that doesn't
work.
Help?!?!
Robin 'Sparky' Kopetzky
Black M
> * Thus wrote Lowell Allen ([EMAIL PROTECTED]):
>> My commercial host is set up with the public root directory, "public_html",
>> owned by user: userid, group: nobody. Directories I create within
>> public_html are owned by user: userid, group: userid. As a result, PHP does
>> not have permission
* Thus wrote Lowell Allen ([EMAIL PROTECTED]):
> My commercial host is set up with the public root directory, "public_html",
> owned by user: userid, group: nobody. Directories I create within
> public_html are owned by user: userid, group: userid. As a result, PHP does
> not have permission to cre
My commercial host is set up with the public root directory, "public_html",
owned by user: userid, group: nobody. Directories I create within
public_html are owned by user: userid, group: userid. As a result, PHP does
not have permission to create files or write to files in public_html, but it
does
I'm using PHP version 4.2.2 on a Linux system running Apache. I am
trying to allow my users to upload a file, however I continue to receive a
"Permission denied" error when using move_uploaded_file() or copy(). The
file appears to be sent to the temporary directory successfully, but can not
b
On Tue, 2003-07-08 at 07:21, Steve Jackson wrote:
> If I set permissions of my server root to chmod 777 that's a security
> risk right?
> How do I set my server to allow me to write a file to my web root from
> another directory using PHP? Or is it a Unix problem?
>
> I have a generator file write
If I set permissions of my server root to chmod 777 that's a security
risk right?
How do I set my server to allow me to write a file to my web root from
another directory using PHP? Or is it a Unix problem?
I have a generator file writes a string to a text file and then renames
the text file as a
Tahnk you,
but I don't want to let web user see the log file
"Nicholas Wieland" <[EMAIL PROTECTED]> wrote in message
20030216011528.GA1411@localhost">news:20030216011528.GA1411@localhost...
> On 2003.02.15 20:11 qt wrote:
> > I am planning to make a log file with fopen command.
> >
> > I am succ
On 2003.02.15 20:11 qt wrote:
I am planning to make a log file with fopen command.
I am succesfully read and write the file with fopen. But as I see
fopen is requiring a file with read and write permission for public.
Not for public, for your webserver user, www-data or another similar
name.
Dear Sirs,
I am planning to make a log file with fopen command.
I am succesfully read and write the file with fopen. But as I see fopen is
requiring a file with read and write permission for public.
I was using same method with perl in cgi-bin directory; but I was giving
read and write permissio
I have a script which uploads images from the user. My webhost recently
moved things around and now I get permission errors when the file is
uploaded. I am using the path from the apache root to my destination folder
as the path to the image folder. My webhost told me that the folder has all
per
You can use array with the user permissions (stored in a session
variable), and use it someway like
if($_SESSION['perm']['do_that']) echo 'Do that';
Shaun wrote:
Hi
I want to make a secure site. The username , password and permission of the
users must be stored in database.
I only want certai
Hi
I want to make a secure site. The username , password and permission of the
users must be stored in database.
I only want certain icons (navigation bars) to be available to certain
users. How would i be able to do this with permissions ?
Thanks
Shaun
--
PHP General Mailing List (http:/
On Thu, 12 Sep 2002, Breno Cardoso Perucchi wrote:
> system("mkdir /home/hosting/test");
> but the PERMISSION IS DENIED and I am the root on my server.
> How I change the user to root?
Dude, you don't change to the root user ... you'll get yourself owned that
way. Change the permissions on the
I know, but how I change to root user?
--
Atenciosamente
Breno Cardoso Perucchi
[EMAIL PROTECTED]
Consultor - Omega Tecnologia
http://www.omegatec.net/
"Adam Williams" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> you don't. php/apache run as the user nobo
you don't. php/apache run as the user nobody for security purposes.
Adam
On Thu, 12 Sep 2002, Breno Cardoso Perucchi wrote:
> HI,
> I am trying to use a script php with the command:
> system("mkdir /home/hosting/test");
> but the PERMISSION IS DENIED and I am the root o
HI,
I am trying to use a script php with the command:
system("mkdir /home/hosting/test");
but the PERMISSION IS DENIED and I am the root on my server.
How I change the user to root?
Thanks
--
Atenciosamente
Breno Cardoso Perucchi
[EMAIL PROTECTED]
Consultor - Omega Tecnologia
http://www.omegat
Jason Wong <[EMAIL PROTECTED]> wrote:
>> I've tried changing the /tmp permissions, but the combinations
>> are considerable, and I don't have time to try them all. I was hoping
>> someone could point me in the right direction.
>
> Set it world readable/writeable?
Oooh, nasty. That should be your
> Dan - It seemed pretty obvious to me too, but again, the ini file
> hasn't changed since the whole thing worked. What has changed are the
> permissions under NT. I've tried changing the /tmp permissions, but
> the combinations are considerable, and I don't have time to try them
> all. I was h
On Tuesday 07 May 2002 21:58, brent wrote:
> At 02:30 PM 5/7/02 +0100, you wrote:
> > > Help. I've managed to hose myself. I had this page working fine until I
> > > went in and screwed up my users under NT4. I can't backtrack and
> > > figure out what I changed. Can anyone point me in the right
At 02:30 PM 5/7/02 +0100, you wrote:
> > Help. I've managed to hose myself. I had this page working fine until I
> > went in and screwed up my users under NT4. I can't backtrack and
> > figure out what I changed. Can anyone point me in the right direction?
> > Is this a permissions issue? Thank
On Tuesday 07 May 2002 21:30, Dan Hardiker wrote:
> Ok, sorry if Im gonna sound a little blunt, but the following error message
> looks rather obvious to me.
>
> > Warning: Failed to write session data (files). Please verify that the
> > current setting of session.save_path is correct (/tmp) in Un
> Help. I've managed to hose myself. I had this page working fine until I
> went in and screwed up my users under NT4. I can't backtrack and
> figure out what I changed. Can anyone point me in the right direction?
> Is this a permissions issue? Thanks.
Ok, sorry if Im gonna sound a little blun
Help. I've managed to hose myself. I had this page working fine until I
went in and screwed up my users under NT4. I can't backtrack and figure out
what I changed. Can anyone point me in the right direction? Is this a
permissions issue? Thanks.
Brent
Warning: open(/tmp\sess_6bdc839067df0a2b94
On Friday, April 19, 2002, at 02:44 PM, ROBERT MCPEAK wrote:
> Isn't it quite common to have php creating/editing/deleting files on
> the server? How is this done in a secure manner?
Running Apache/PHP as 'nobody' isn't really that secure, since there may
be other services running on the sys
Craig, you seem very knowledgable and I appreciate your help. I
confused matters by mentioning the word "upload." I'm actually not
using php to upload the files. The user ftps the files to the server,
and the ownership permissions prevent php from manipulating the files.
I'm looking for a clea
> How? Manually each time a file is uploaded? Or with PHP somehow?
>
> I appreciate your response, but perhaps I'm not clear enough.
>
> Isn't it quite common to have php creating/editing/deleting files on
> the server? How is this done in a secure manner?
>
> Could you explain further?
Well t
>>> "Dave Raven" <[EMAIL PROTECTED]> 04/19/02 01:55PM >>>
chown them to nobody.
- Original Message -
From: "ROBERT MCPEAK" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, April 19, 2002 7:53 PM
Subject: [PHP] php permiss
hem.
>
> How do I give php permissions to delete files etc., without opening up
> an security hole? Is this an issue at all?
First hit at Google:
http://www.w3.org/Security/Faq/
Erik Price
Web Developer Temp
Media Lab, H.H. Brown
[EMAIL PROTECTED]
--
PHP General Mailing Lis
chown them to nobody.
- Original Message -
From: "ROBERT MCPEAK" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, April 19, 2002 7:53 PM
Subject: [PHP] php permissions
> php is running on our box as nobody:nogroup. I'm trying to write php
>
olved, and I am a relative newbie
and I'm not sure what the issues are or how to find out more about
them.
How do I give php permissions to delete files etc., without opening up
an security hole? Is this an issue at all?
Help!
Thanks!
--
PHP General Mailing List (http://www.php.net/)
To u
andy thomas wrote:
>
> PHP will always run as the same user as Apache runs as.
>
true in Apache 1.3 and 2.0's prefork and worker mode. Not so in
perchild (once it starts working :) )
--
===
Jim Jagielski [|] [EMAI
On Mon, 4 Mar 2002, John Gurley wrote:
> Can someone pleas tell me if there is something funny when it comes to unix
> permissions and PHP. When php creates a file in unix the owner is
> nobody...does this raise any issues, and if it does could someone please
> tell me a web site where I could
nt: Monday, March 04, 2002 2:26 PM
To: [EMAIL PROTECTED]
Subject: [PHP] permissions
Can someone pleas tell me if there is something funny when it comes to unix
permissions and PHP. When php creates a file in unix the owner is
nobody...does this raise any issues, and if it does could someone please
tel
Can someone pleas tell me if there is something funny when it comes to unix
permissions and PHP. When php creates a file in unix the owner is
nobody...does this raise any issues, and if it does could someone please
tell me a web site where I could read more about this. Thanks alot.
John
__
Justin,
If your PHP script is placing the files there, they are owned by the 'web'
user. The web user doesn't have permission to change the file ownership
to you, but for your purposes all you should need to do is change the file
permissions in your PHP script after the file is uploaded:
chmod(
Hi,
I have a script which uploads an image to a directory within web root
(on Redhat 7.0). Whilst the dir itself was created via FTP, the images
of course have been written to the dir via a PHP script.
When I try to FTP a copy of the images down to my local hard disk, I get
"permission denied".
So sprach »Power Programmer« am 2001-09-14 um 13:06:05 -0700 :
> What permissions would I set a php file to that could only be ready by
> somebody logged into the server as root but still be executed via a website?
root can always read each and everything, so you don't have to care
about this "us
What permissions would I set a php file to that could only be ready by
somebody logged into the server as root but still be executed via a website?
is this possible?
Thanks
Randy
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.
lt;[EMAIL PROTECTED]>
Sent: Monday, August 27, 2001 8:06 PM
Subject: [PHP] permissions when using fopen
> Hi,
>
> I want to read a file on my web server in a .php script using fopen and
> I don't want to set read permissions on this file for everyone. However it
> seems t
Hi,
I want to read a file on my web server in a .php script using fopen and
I don't want to set read permissions on this file for everyone. However it
seems that the PHP module has that same access to the filesystem that
everyone would have. I can only read this file if I set read permissions
91 matches
Mail list logo
