|
Posted by Erwin Moller on 11/16/96 11:28
Ray wrote:
<snip>
> Something is wrong with my understanding, right?
>
> Ray
Hi Ray,
Possibly.
But don't worry: Nobody was born with knowledge of unix filepermissions. ;-)
Here are a few links I googled up that seem to make sense:
http://www.dartmouth.edu/~rc/help/faq/permissions.html
http://catcode.com/teachmod/
http://www.ee.surrey.ac.uk/Teaching/Unix/unix5.html
Jus a friendly word of advise:
I want to encourage you to play around with filepermissions on your OWN
system, where you have root-acces so you can change groups and such.
Just create 2 users: Ray and Erwin.
Open for both a terminal.
Let Ray create a file with certain permissions, check with what permissions
Erwin can read them.
Put Ray and Eriwn in a group, check again. etc.
This is all reasonably straightforward.
Then start playing with right on directories. This is where the fun starts.
:-)
Can Erwin list the content of a directory made by Ray?
Which setteings on the directory make this happen?
When can Erwin create a file in a directory owned by Ray?
When can Erwin delete/modify a file in a directory owned by Ray?
When can Erwin SEE a file in a directory owned by Ray?
Etc.
Really: It is WELL WORTH your time to play around for 1 day or so.
(I wished I did before publishing my first Perl-scripts may years ago. :P)
If you understand how it works, you KNOW what you are doing in your shared
hosting environment where you do not have rootaccess.
You know what www-data can and cannot do.
You know what malicious users on the same machine can do and cannot do.
Be aware that on most shared host environments, everybody can mimic
www-data, just by writing a script in php. That script then runs as
www-data.
Good luck.
Regards,
Erwin Moller
Navigation:
[Reply to this message]
|