
Re: How to chmod files in my web server





On 18 Mar 2007 09:16:35 -0700, Jordi <acero_64@yahoo.com> wrote:
> Hello
>
> I have a web server in my PC. I need to chmod the files correctly so I
> don't have a security risk.
>
> I am using a CMS for the website.
> I have full access to my pc, as it is in my house, and I can
> manipulate it through keyboard, so I have no problem to change the
> chmod to the most restrictive ones.
>
> I have these:
>
> 1) The config file, which I chmod 444. This way is readable for all,
> but can't be executed or written. What does this mean? People can read
> the password and user and other data there? Should I chmod that to
> 400 ? So no one, except me, can read it?

Usually the Web server is "others" if properly set up, so its accessibility
to the files that are owned by you is controlled by the third digit.
So the permission of the config file should be set to 444 (or 644) if it is
to be read by the Web server.
The password should be in the script. It will be read and parsed by the
interpreter so the Web users cannot see it if the CMS is properly written.

> 2) The folders that users need to write to. For example where they
> upload the images or files that are public. I should chmod them to
> 777. Is this right?

Right. The third digit should be 7 so that the Web server can write
to it.

> 3) The rest of the website folders. I think they are well chmod 755.
> This means I can write, and the other can open or execute.

I think 755 is all right. The execute bit for a directory means the
permission of going into the directory.

> I think this is not a good setup. Maybe, I can do a more restrictive
> setup that permits all people look the website, use it.
> Remember, I have those 3 pieces: the config, the users folders and the
> rest.
> Are those chmod ok?
> Should I do a different chmod for files and folders?
> How?
>
> Thanks
>
> Jordi


--
Cheers,
Wei
http://www.acplex.com/people/wchen/
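
The three-part layout discussed in this thread, as an added example that is not part of the original messages: it sets directories and files separately, then decodes the third ("others") digit and lists everything that class can write to, so the result can be reviewed. The function names, the sample tree and the 644 mode for ordinary files are assumptions; `stat -c` is the GNU coreutils form found on Debian.

```shell
#!/bin/sh
# Added example. Paths below are constructed; stat -c is GNU coreutils (Debian).

# apply_layout ROOT CONFIG UPLOADS: set the three groups from the thread.
apply_layout() {
    # Directories need the execute (search) bit to be entered; files do not,
    # so the two are handled separately.
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +   # 644 for plain files is an assumption
    chmod 444 "$2"                           # item 1: config, read-only for all
    chmod 777 "$3"                           # item 2: upload dir, writable by others
}

# others_perms PATH: decode the third digit (the "others" class) as rwx.
others_perms() {
    mode=$(stat -c '%a' "$1") || return 1
    case ${mode#"${mode%?}"} in              # last octal digit of the mode
        0) echo '---' ;; 1) echo '--x' ;; 2) echo '-w-' ;; 3) echo '-wx' ;;
        4) echo 'r--' ;; 5) echo 'r-x' ;; 6) echo 'rw-' ;; 7) echo 'rwx' ;;
    esac
}

# world_writable ROOT: list everything "others" may write to, for review.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 | sort
}

# Demo on a throwaway tree (constructed layout, not a real CMS).
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/site/uploads" "$root/site/pages"
    : > "$root/site/config.php"; : > "$root/site/pages/index.php"
    apply_layout "$root/site" "$root/site/config.php" "$root/site/uploads"
    for p in config.php uploads pages pages/index.php; do
        printf '%-16s others=%s\n' "$p" "$(others_perms "$root/site/$p")"
    done
    echo "world-writable:"; world_writable "$root/site"
    rm -rf "$root"
}
demo
```

After applying the layout, the only path `world_writable` should report is the upload directory; anything else in its output has a write bit set for "others" that the layout did not intend.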