Reply to Re: File permissions for a wiki-like site

Your name:

Reply:


Posted by Jerry Stuckle on 09/22/07 01:24

Gordon Burditt wrote:
>>> You cannot, for example, have multiple instances of Apache listening on
>>> port 80 of a single IP address, and I thought assigning 255 IP addresses
>>> to a single web server went out with browsers that don't understand
>>> HTTP/1.1 and the Host: header.
>>>
>> I didn't say anything about multiple instances on port 80, did I?
>>
>> There are 65,535 ports available - and all but the first 4096 (0-4095)
>> are available to anyone who wants them. Port 80 just happens to be the
>> default port for the http: protocol.
>
> Have you ever seen an advertised (with paid advertising) URL for a
> non-default port? Nobody's going to take it seriously, or even
> type it correctly. It might be OK if you also own the one on port
> 80 and the only links to the other one are yours. It's also not
> too bad for a purely testing site, but it's not one a hosting company
> is actually going to be able to sell.
>

Actually, yes I have - for various reasons. For instance, my Windows
VPS's use a different port for control. And I have seen it used for
links from the main site, i.e. when you want to run IIS and Apache on
the same (Windows) machine, as I'm doing on one site right now. It
works fine, and people do link to it. In fact, port 8080 is commonly
used as a secondary http port.

So I wouldn't suggest you make blanket statements like that. While not
common, it is done, and it works quite well.

>>>>>> It would seem, then, that I would want to give rwx permissions for the
>>>>>> content files to that user alone (and myself), not do a chmod 777. Is
>>>>>> that right?
>>>>> Standard UNIX file permissions don't allow a file to have two owners.
>>>>>
>>>>> You don't normally want to give x permission to any *file* that a
>>>>> web application can write on (as distinguished from *directory*,
>>>>> which needs x permission). x permission is for executables and
>>>>> shell scripts.
>>>
>>>> So why not just throw the door wide open to any hacker who could upload
>>>> to that file and run whatever scripts he wants? :-)
>>> You'd even consider allowing uploads via HTTP?
>>>
>> Sure. Protections can be established.
>>

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация