Security and Cryptography
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsSystem AdministrationSecurity and Cryptography
Receive the tools necessary to be the rock star of your field. Our 12-month program teaches you the evolving world of multi-channel marketing as well as the complex issues and opportunities found in the industry.

ASP Free and Iron Speed Designer are giving away $5,500+ in FREE licenses. Iron Speed's RAD CASE toolset can save up to 80% of your coding time. One free license per week, one perpetual license per month!
Download and Activate to enter!

Web development can be a daunting task, even for specialists. There is a lot of information to absorb and a lot of technologies to learn in order to manage a superior website. When trying to learn the ropes, developers need a reliable source to introduce new ideas that can be easily implemented. When working on large projects, even web veterans may run into a technology or an aspect of a technology that they are unfamiliar with.

Learn More!


Download to Enter
| Contest Rules

Tutorials | Forums

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old January 17th, 2012, 07:01 AM
Halyn Halyn is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2012
Posts: 5 Halyn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 52 m 25 sec
Reputation Power: 0
Formal definitions of Read, Write, and Execute permissions

I am new to web development and after some searching still couldn't really understand the exact meanings of Read, Write, and Execute permissions. I can't go by common-sense meanings because, for example, the World can't see a web page with World/Execute checked and World/Read unchecked but it can vice versa.

Reply With Quote
  #2  
Old January 17th, 2012, 07:34 AM
Dmitry Melnik Dmitry Melnik is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2004
Posts: 229 Dmitry Melnik User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 Day 15 h 29 m 17 sec
Reputation Power: 9
Send a message via MSN to Dmitry Melnik
As a rule 644 (rw-r-r--) permissions must be set for all PHP, HTML and other non CGI scripts/files so the website will work fine, without any errors. CGI scripts must have 755 (rwxr-xr-x) permissions. Also you shouldn't forget about folders permissions. For normal access a folder must have 755 access permissions otherwise a server will not be able to access script/file and execute it. For more detailed answer I need to know which scripts you are executing and what user they are executed by, then I will be able to explain why it should be done in that way.
Comments on this post
Halyn agrees!

Reply With Quote
  #3  
Old January 17th, 2012, 08:35 AM
Halyn Halyn is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2012
Posts: 5 Halyn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 52 m 25 sec
Reputation Power: 0
Hi Dmitry, I'm currently on a shared hosting plan (probably going VPS or dedicated in the future though), and the only person with access to the website account is me. I'm not familiar with CGI scripts at this point and wouldn't know how to pick them out to ensure they have the proper permissions. At the moment, I know that the site will have HTML, CSS, JS, and PHP files, and also a MySQL database. The site will also somehow integrate an Authorize.net system for e-commerce (I don't know what all that involves yet script-wise).

I know there are a few other security precautions I need to take besides setting appropriate permissions, but at this point just a few questions related to permissions come to mind. From my cPanel File Manager, my directory access starts at /home/my_username/, and of course the folders under this include the /public_html/ web root. So all my related questions are (assuming I'm the only "User," there are no CGI scripts, and a concern for maximum appropriate security):

1. What are all the files I might create that should stay out of the web root?
2. Out of the ones under the web root, are 644 permissions then the lowest that should be set and no lower?
3. Is there also a rule of thumb about permissions outside of the web root?
4. What is the difference between "Group" and "World"?

But if it's not too much more trouble, I still might like to know what Read, Write, and Execute really mean so that I could just deduce the answers to questions like some of these when they come up, given that the answers to these questions haven't made it obvious (to a slow learner).

Reply With Quote
  #4  
Old January 17th, 2012, 08:37 AM
Halyn Halyn is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2012
Posts: 5 Halyn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 52 m 25 sec
Reputation Power: 0
(I was trying to give 1 reputation point but apparently I don't know how that works.)

Reply With Quote
  #5  
Old January 17th, 2012, 11:39 AM
Halyn Halyn is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2012
Posts: 5 Halyn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 52 m 25 sec
Reputation Power: 0
My host support just now told me about these pages. I'll have to go back and read them later when I have time but they look like they'll fix my confusion. (As currently a new user I'm not allowed to create clickable URLs.)

webhostinggeeks.c-o-m/blog/2009/12/23/understanding-permission-types-for-website-security/

thewebhostinghero.c-o-m/tutorials/linux-file-permissions.html

cyberciti.biz/faq/how-linux-file-permissions-work

Reply With Quote
  #6  
Old January 18th, 2012, 04:48 AM
Dmitry Melnik Dmitry Melnik is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2004
Posts: 229 Dmitry Melnik User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 Day 15 h 29 m 17 sec
Reputation Power: 9
Send a message via MSN to Dmitry Melnik
I'm glad that you have sorted out your question. Be free to ask more questions if you have them.

Reply With Quote
  #7  
Old January 19th, 2012, 10:58 AM
Halyn Halyn is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2012
Posts: 5 Halyn User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 52 m 25 sec
Reputation Power: 0
Thank you, Dmitry. I plan to work overtime on building a startup over the next 3 years or so, and I happily look forward to having this community around and being in this community.

Reply With Quote
  #8  
Old January 20th, 2012, 01:19 AM
Dmitry Melnik Dmitry Melnik is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jan 2004
Posts: 229 Dmitry Melnik User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 Day 15 h 29 m 17 sec
Reputation Power: 9
Send a message via MSN to Dmitry Melnik
Glad that you enjoy being here, I'll try to assist if necessary, so just be free to ask any questions.

Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationSecurity and Cryptography > Formal definitions of Read, Write, and Execute permissions


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 


Powered by: vBulletin Version 3.0.5
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.

© 2003-2012 by Developer Shed. All rights reserved. DS Cluster 6 - Follow our Sitemap