Topic: cgi files

[Cody_123]

how do you make cgi files executable

[cidhosting]

if they are cgi or .pl files chang the attrobutes to 755 if they are writable files change the attrobutes put 777

[CharlieBrady]

if they are cgi or .pl files chang the attrobutes to 755 if they are writable files change the attrobutes put 777

No, files and directories should *never* be set with permissions of 777 (if you care at all about the security of your system).

[cidhosting]

tell me why? these are file that the programs write to.

[CharlieBrady]

tell me why?

All users and programs on the system do not need to write to those files/directories. Or, to put it another way, if all users and programs on the system can write to a particular file, the content of the file is useless, because you can't depend on it.

these are file that the programs write to.

Then only the user id that the program runs as needs to have write access to the file.

[cidhosting]

Email List programs write to the list.txt to add emails to the list.txt file
What do you recoment to set it to?

[CharlieBrady]

Email List programs write to the list.txt to add emails to the list.txt file
What do you recoment to set it to?

0700, and owned by whichever userid needs to read/write the file (I guess 'www').

I'm sorry, but I cannot continue to provide unpaid consultancy services to you. I am sure the web has plenty of good tutorials on file permissions and security. Best wishes.

[cidhosting]

I'm sorry, but I cannot continue to provide unpaid consultancy services to you. I am sure the web has plenty of good tutorials on file permissions and security. Best wishes.
I'm not looking for a uppaid consult service! I'm just looking for your opinion nothing more. A forum like this is for people helping other people without paying for the help. Not to boost your ego! besides I think your quit a coward that you would not even put your email on your Profile for private consult.

[jfarschman]

Cid,

  Did you notice how may post Charlie has handled?  When I looked last 1952 posts... and that just since we started with this new forum system.

  CharlieBrady is a developer here.  We try not to waste his time because he and a small group of others are busy creating the SME server software we all enjoy.

  Okay... so why do you want to make the permissions 700.  

  -rwx------
 
  Basically gives the owner of the file permissions, but no one else.  You'll need to add permissions for the group and possible anonymous to use these files in execute mode if you want them to also have execute.... but you probably wouldn't grant all users "everyone" "anonymous" access to write to the files.

  Basic security.  Only the folks who require access should have access.

  WITH THAT SAID.... the developers make all of this easy by building ibays for us to put our files into.  Then in the server-manager GUI you can set the permissions, allowing the appropriate groups to have access or not.    

  So what you probably need to do is go to the ibay and set reset the permissions... then you don't have to worry about 777 0700 0644 or any of that chmod stuff.

  Hope this helps.... and be nice to the developers.

[kruhm]

IMO Charlie shouldn't be answering any of these posts. He has better things to do than worry about keeping up to date of what's happening in the forums, providing free tech support and continuously answering the seemingly never-ending rotating questions.

Answering questions should be handled by a group of qualified forum moderators/admins (such as yourself). Then let the difficult questions filter through to him.

This way we work better as a team.

[jfarschman]

Kruhm & Charlie,

  Good suggestion.  

  Okay... let's waggle a finger Charlie's way.  He really shouldn't answer the easy questions.  Try to leave those for the people like me who think they know it all     I do enjoy lending a hand.... and I also know what it feels like to be the lone expert with a bunch of;

not-nearly-as-knowledgeable-but-well-intending-helpers.

You have to step back and let them fumble.  It's also nice if there is some kind of back channel.

[kruhm]

Also, I'd be nice if a volunteer roster list with positions was posted. This would help avoid any type of embarassing situations and serve as a reminder to others involved.