| |
Haven't registered yet? Do it here now!
 |
|
 |
|
toms
Joined: 15 Feb 2007
Posts: 5
|
|
|
 |
|
 |
|
 Posted: Thu Feb 15, 2007 4:14 pm Post subject: blog1.php permissions |
 |
|
|
 |
|
 |
|
|
|
|
I've searched the forum and can't find anything to cover this so:
Anytime I regenerate a template the permissions for bo/boblogs/blog1.php changes to 666. The page won't come up and the browser shows "Internal Server Error" page can't be completed, etc..
When I change the permission for the blog1.php file to 644 it then works fine. The next regen causes the file permissions to switch right back to 666 and the Internal Server Error is back. The error log says "error: file is writable by others" then gives the path to the file "../bo/boblogs/blog1.php"
I ask support at the hosting company to change it and their response is:
<<Regarding the subject of permissions, all of our new servers (your's included) run PHPSuExec. On most Apache servers, PHP runs as an Apache Module. As such, it runs directly in the user "nobody", but doesn't require the execute flag. This means that in order to execute a PHP file, it simply needs to be world readable. The problem is that this allows every other users on the server to read your PHP files! Allowing other users to read your HTML files is not a problem, since they can be displayed in your web browser. However, PHP files are not readable since they are parsed when they are called by the web server.
Many scripts use a PHP file to store a database username and password. This means that on another server every client could read your PHP files, retrieve your password and access your databases. Thusly, the permissions for directories should be 755 and PHP should be 644.
To fix issues with people being able to read your files without your knowledge or permission, we installed something called phpSuExec. As such, instead of using everyone's permissions it uses the owner's permissions. You can now change the permissions of your PHP scripts to : 0700 or 0400 and still be able to read and execute them. However, these scripts will no longer be accessible to any other users. In fact, PHPsuexec will refuse to execute a script if it is world-writable to protect you from someone abusing one of your scripts.>>
Okay. So now what do I do? Can't keep logging in the change the perms back with every update. Anyone know how to fix this?
Thanks. |
|
|
|
|
|
|
|
Atanasis
Owner
Joined: 22 May 2004
Posts: 4284
Location: The Net
|
|
|
|
|
|
|
| Posted: Sat Feb 17, 2007 3:12 pm Post subject: |
|
|
|
|
|
|
|
|
|
|
hello there, I see, your host does not allow those permissions.
Please, drop me a pm with your email and I will shoot you with a quick fix on the problem.
Thanks!
_________________
Thanks,
Kaktusan
 |
|
|
|
|
|
|
|
toms
Joined: 15 Feb 2007
Posts: 5
|
|
|
|
|
|
|
| Posted: Sat Feb 17, 2007 3:48 pm Post subject: |
|
|
|
|
|
|
|
|
Atanasis
Owner
Joined: 22 May 2004
Posts: 4284
Location: The Net
|
|
|
|
|
|
|
| Posted: Sat Feb 17, 2007 3:57 pm Post subject: |
|
|
|
|
|
|
|
|
|
|
replied.. Thanks!
_________________
Thanks,
Kaktusan
|
|
|
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2002 phpBB Group
|
 |
|
 |
| |
