Reply to Re: File permissions for a wiki-like site

Posted by Jerry Stuckle on 09/19/07 18:39

Adam Baker wrote:
> On Sep 18, 9:49 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>> Adam Baker wrote:
>>> On Sep 14, 5:06 am, Jerry Stuckle <jstuck...@attglobal.net> wrote:
>>>> Adam Baker wrote:
>>>>> Hello,
>>>>> I'm writing a site where a handful of people will be able to edit
>>>>> the content using PHP scripts (FCKeditor). The content is stored as
>>>>> individual files in a directory. I'd like to validate the "editors"
>>>>> using PHP, cookies, etc.
>>>>> The question is what file permissions I need to allow for the
>>>>> content to be writable by my PHP script. Do I really need to give
>>>>> write permissions to the "other" group? Are all wikis really that
>>>>> vulnerable? (yes, I know that's the point, but for restricted wikis,
>>>>> for instance...)
>>>>> Thanks,
>>>>> Adam
>>>> The only one doing the writing will be the Apache user itself. The
>>>> system doesn't know or care who is using the editor - that's completely
>>>> between Apache and the user.
>>>> And beware that unless you implement your own security, any of those
>>>> people will be able to edit any of the files.
>>>> --
>>>> ==================
>>>> Remove the "x" from my email address
>>>> Jerry Stuckle
>>>> JDS Computer Training Corp.
>>>> jstuck...@attglobal.net
>>>> ==================
>>> Thanks for your reply. I am quite ignorant here, so I will see whether
>>> I can even ask a coherent follow-up. So the PHP script is run by the
>>> Apache user. Is that the user that owns Apache, or a special username?
>>> It would seem, then, that I would want to give rwx permissions for the
>>> content files to that user alone (and myself), not do a chmod 777. Is
>>> that right?
>>> Thanks,
>>> Adam
>> Every process in the machine runs under a specific user. That's what
>> determines the permissions available to the process.
>>
>> No one "owns" Apache. There is a user (or even more than one) which
>> owns the files Apache uses to run. And there is a user for the Apache
>> process. They may or may not be the same.
>>
>> And chmod to 777 is highly dangerous - it allows anyone on your server
>> to read and write to your files. It should never be done if you value
>> those files, IMHO.
>>
>> Rather, you should set up the users and groups to provide the
>> appropriate permissions, then set the file permissions accordingly.
>>
>> I'd suggest you get a book on Linux Administration. It will help you
>> with a lot of different things. And I'm not being sarcastic about the
>> suggestion; learning some of the basics of Linux administration will
>> help you understand a lot of this better - it can be quite confusing.
>>
>> --
>> ==================
>> Remove the "x" from my email address
>> Jerry Stuckle
>> JDS Computer Training Corp.
>> jstuck...@attglobal.net
>> ==================
>
> Is there a good Linux book you could recommend? I don't think I've
> ever read anything about Linux that didn't presuppose a LOT of
> background knowledge.
>
> Thanks,
> Adam
>

Not really, Adam. They all assume some knowledge, but with a system you
can play with and some internet searches, you can generally wade your
way through them.

I've used "Linux Rute User's Tutorial and Exposition" by Paul Sheer in
the past. Not necessarily the greatest, but it helped me.

I'd recommend you just visit your local bookstore and/or library and
start looking through the books. Look for ones which cover basic
commands (such as chmod) but don't seem to be too far over your head.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
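
The advice quoted above (avoid chmod 777; set up users and groups, then set the file permissions accordingly) can be sketched as a small audit-and-fix script. This is an added example, not part of the original post; the script name `lockdown.sh`, the content path and the web-server group name are assumptions to replace with your own.

```shell
#!/bin/sh
# Added example, not from the thread. The content path and the group the
# Apache/PHP process runs under are assumptions: check your own system.

# List every file or directory under $1 that "other" can write to
# (what chmod 777 / 666 leaves behind).
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# Print the octal mode of $1 (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Restrict a content tree to owner and group only:
#   directories 770, regular files 660, nothing for "other".
# If $2 is given, group ownership is changed to it first, so the web
# server's group can write (needs privileges or membership of that group).
# Symbolic links are not followed by find's -type tests.
lock_down_content() {
    dir=$1
    group=${2:-}
    if [ -n "$group" ]; then
        chgrp -R "$group" "$dir" || return 1
    fi
    find "$dir" -type d -exec chmod 770 {} + &&
    find "$dir" -type f -exec chmod 660 {} +
}

# Usage (hypothetical script name): sh lockdown.sh /path/to/content [web-group]
if [ "$#" -ge 1 ]; then
    echo "World-writable before:"; find_world_writable "$1"
    lock_down_content "$1" "${2:-}" || exit 1
    echo "World-writable after:";  find_world_writable "$1"
fi
```

Run without a group argument, the script only tightens modes; the content stays writable by the PHP script only if the Apache user is the owner or a member of the files' group.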
