Posted by C. on 06/22/07 10:15

On 22 Jun, 09:27, Alex Lirus <magr...@hotmail.com> wrote:
>
> When we remove all the grants from "others", from any of the
> directoryes or the
> tree involved, or the files themself, the progam pop up with the
> error:
>
<snip>
> This is the directory list where no "others" permissions are granted:
>
> [aspt000@svuni330:/appl/apt000/pt0/include]#> ls -al p
> drwxrwx--- 2 aspt000 aspt000 4096 Apr 19 12:52 p
>
> If the directory gets backs the grants for "others"
>
> [aspt000@svuni330:/appl/apt000/pt0/include]#> ls -al p
> drwxrwxrwx 2 aspt000 aspt000 4096 Apr 19 12:52 p
>

This is not a question about PHP, but a very simple question about
computer security (to say its about Unix permissions would be an
exageration).

The solution is to have a coherent and appropriate security model -
then apply it.

Try googling for 'The Rute' (use a mirror) and learn about permissions
(the doc is written for Linux, but most of it applies to AIX too).

In the meantime:

> [aspt000@svuni330:/appl/apt000/pt0/include]#> ls -al p
> drwxrwxrwx 2 aspt000 aspt000 4096 Apr 19 12:52 p

is probably not what you want

drwxrwxr-x 2 aspt000 aspt000 4096 Apr 19 12:52 p

would be much safer. A better solution would be to have a group which
your webserver uid and the current members of aspt000 belong to (say
waspt000) and...

drwxrwS--- 2 aspt000 waspt000

C.

[Back to original message]