Jump to content


Photo

File/folder Permissions


  • Please log in to reply
13 replies to this topic

#1 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 15 January 2004 - 09:03 PM

I saw the tutorial on how to change permissions on files and folders. I've even done it!! :goof: But, maybe someone out there has a moment to expound on the concept of permissions. For example, I changed file/folder permissions to 777 tonight...but, I have no idea what that means. What does 777 mean for security compared to a permission of 644 or any other setting?

And, if I change permissions in order to do something (manage and import skins in IPB for example), can I or should I change the permissions back after the change is finished?

Stuff like that would be great to know more about.
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#2 DarqFlare

DarqFlare

    Immediate Family

  • Members
  • PipPipPipPip
  • 2,215 posts

Posted 15 January 2004 - 09:26 PM

I tend to agree, a tutorial like that would be invaluable.

We'll get one made when we have the opportunity.

#3 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 15 January 2004 - 10:28 PM

Thanks, Robert. In the meantime, can you answer just a quick yes or no (no explanation needed right now) as to whether or not I should change the file/folder permissions back to 644 for my IPB files/folders? I had to change them to 777 to import and apply a new skin.
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#4 Lianna

Lianna

    Immediate Family

  • Members
  • PipPipPipPip
  • 2,384 posts

Posted 15 January 2004 - 11:17 PM

Actually, KW has a great tutorial on permissions on the Help Site:

http://www.totalchoi...m/help/id85.htm

#5 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 15 January 2004 - 11:24 PM

Thanks, Lianna!! I had not found that one! However, for such a novice as myself, it still leaves some questions unanswered. Like, what are the security risks for setting 777? And why did I have to set permissions to 777 instead of , say, 775 or something like that to apply skin changes to IPB?

I know, I'm a little thick-skulled sometimes. Theoretically I understand what the rwx is and the numbers and all that. It's understanding the meaning for actual application that I can't quite grasp.

Does that make any sense at all? :goof:

Edited by natimage, 15 January 2004 - 11:25 PM.

Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#6 DarqFlare

DarqFlare

    Immediate Family

  • Members
  • PipPipPipPip
  • 2,215 posts

Posted 16 January 2004 - 12:19 AM

Well, there it is. Heh. Wish I'd have seen that before myself.

I haven't browsed much through those endless files, maybe someday I will and actually learn a thing or two... :goof:

#7 Lianna

Lianna

    Immediate Family

  • Members
  • PipPipPipPip
  • 2,384 posts

Posted 16 January 2004 - 09:22 AM

Tracy,

Will search Google for an appropriate "examples" oriented article to help with your question of application. Have seen several in the past, just gotta find them.

#8 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 16 January 2004 - 10:05 AM

Thanks, Lianna. I did search google and I found some helpful things. I just couldn't find one that would make that final connection in my clogged up little brain!!
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#9 vangrieg

vangrieg

    Family Friend

  • Members
  • PipPip
  • 58 posts

Posted 16 January 2004 - 10:51 AM

Generally, your permissions should be as low as possible. Yes, there are security risks associated with giving guests write/execute privileges. However, many of these risks aren't all that easy to exploit and require special knowledge. The answer to your question is a complicated one.
If you have a static site with just HTML pages, the best thing to do will be giving full rights to the Owner and read-only to Group and Guest. If you have scripts like a guestbook, for example, it's a different story and the answer is "it depends".

In order for your script to function, it has to have write privileges to some directories and files. If you upload these files via ftp, and the attributes are set to 700, for example, the script won't be able to modify them. If the files are created by the script itself, you are all set (but there's a chance that you yourself won't be able to modify/delete those files via ftp, as the script (so-called "nobody") will be the owner.

As a rule, your .htaccess files shouldn't have anything higher than 700, and all important files that contain passwords should be located in areas unavailable through www. (Anything below your public_html directory may be accessed, so put your password files one level higher).

Also, don't give obvious names to files, but that's just common sense.

#10 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 16 January 2004 - 11:17 AM

Thanks, vangrieg.

I'm sure I'll understand it all much better at some point. You mentioned the most important thing...keep important information guarded!! I guess as long as I understand that 777 means "not guarded" and 444 means "the only thing anyone can do is read this", I'll do alright!!
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#11 vangrieg

vangrieg

    Family Friend

  • Members
  • PipPip
  • 58 posts

Posted 16 January 2004 - 11:25 AM

I guess as long as I understand that 777 means "not guarded" and 444 means "the only thing anyone can do is read this", I'll do alright!!

It's easy, as a matter of fact, just a little confusing.

- The first digit shows the privileges for you, the Owner.
- The second one - for Group (you may simply disregard this one and set it the same as the third one).
- The third one - for Guest, that is, anybody else but you.

Now,
- read priviliges (it means that users can see the file) have the value of 4.
- Write privileges (can create a new file or modify and existing one) - 2.
- Execute (can run a script) - 1.

Now let's say you have an HTML page and you want be able to modify it, but don't want anybody else to touch it, except for viewing in their browsers. What do you do?

- Owner = Read + Write = 4 + 2 = 6.
- Group = Guest = Read = 4.
So you want 644.

Another example - you have a file you want to be accessible to you only.

- Owner = Read + Write = 6.
- Group = Guest = nothing = 0.

So you want 600.

#12 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 16 January 2004 - 12:52 PM

Thanks again. It's slowly sinking in. I asked a question earlier that got missed.

yes or no  as to whether or not I should change the file/folder permissions back to 644 for my IPB files/folders? I had to change some of them to 777 to import and apply a new skin.



I'm sure I'm wrong to come to the conclusion that since I've successfully imported and applied the new IPB skin that I can now change those selected permissions back to 644...but it makes sense to me that I should be able to do that.

Any comments? Am I right or wrong?
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>

#13 vangrieg

vangrieg

    Family Friend

  • Members
  • PipPip
  • 58 posts

Posted 16 January 2004 - 12:57 PM

I think you should be fine with 644.

#14 natimage

natimage

    February Family member of the month

  • Members
  • PipPipPipPip
  • 824 posts

Posted 16 January 2004 - 01:05 PM

Awesome. Thanks for all the help. I understand tons more now!
Tracy
Natural Images Photography


<A HREF="ymsgr:sendIM?natimage72"><IMG SRC="http://www.tchstatus.com:8080/yahoo/natimage72"></a>




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users