|
Posted by Peter van Schie on 10/03/05 12:08
raykyoto@gmail.com wrote:
> I can do #1 and I was wondering if that is sufficient. As the non-root
> user, I guess I cannot do #2... Can I also move the php scripts that
> write the flat files outside my web directory? Or is that not
> necessary?
My pick would also be option #1. Moving the php scripts outside the
webdirectory is not only not necessary, but also impossible if you still
want to execute them from the web.
> 1) directory of the php scripts that writes the flat files
> -rwx---r-x
>
> 2) the php scripts that writes the flat files
> -rwx---r-x
>
> 3) the directory of the flat files
> -rwx---rwx
>
> 4) the flat files themselves
> -rwx---rw-
>
> Is this possible? Can I do better?
I'm not sure why you leave all the group permissions empty and why other
(world) do get permissions. If the webserver user is the owner of the
flat files directory, you can change that to -rwx------
Same goes for the flat files themselves.
> I'm also new to php... I've hard-coded the paths to the flat files
> inside my php files, as one must, I guess. Is there a way for people
> to see the source of the php files so that they can extract the hard
> coded paths?
No, not as long as PHP works on the webserver, because the script gets
interpreted by the webserver and only the output of the scripts is being
sent to the client (webbrowser).
--
http://www.phpforums.nl
Navigation:
[Reply to this message]
|