Previous Thread
Next Thread
Print Thread
Hop To
Joined: Aug 2004
Posts: 469
Addict
Addict
Joined: Aug 2004
Posts: 469
This is part of a banner rotation script. Would it make the site safer? Would I still be able to overright the file by ftp?

Joined: Jul 2006
Posts: 2,143
Pooh-Bah
Pooh-Bah
Joined: Jul 2006
Posts: 2,143
would it make the site safer? There's a heck of a lot more to making a site safe than changing permissions on a single file, but it can't hurt. Just don't oversell the significance in your mind, it's a part of making it safer, just a part.

Can you overwrite it by FTP? No. You set it to read: owner, group, other. I don't see write in there, do you? smile


This thread for sale. Click here! [Linked Image from navaho.infopop.cc]
Joined: Aug 2004
Posts: 469
Addict
Addict
Joined: Aug 2004
Posts: 469
Dave, a banner rotation script that I want to implement uses a simple text file to pull banner codes from. I just don't want someone to be able to change that file to then inject funny code into the header.

Just wondering what I should chmod that file to. Or maybe leave it at 644?

So what happens if I make it 444? Will I still be able to erase the file using ftp?

Joined: Jul 2006
Posts: 2,143
Pooh-Bah
Pooh-Bah
Joined: Jul 2006
Posts: 2,143
644 is owner write, group and other read.

You will be able to edit or overwrite it via FTP.

As for the question of whether someone else, namely the web server, can overwrite the file and inject code into it, is a touch question to answer.

Are you running Apache? is php a compiled into Apache or running as a cgi? Is Apache running as the same user as the account your asking about? There are probably as many questions to ask you fi you're on a MS server, but I don't have a very good handle on IIS anymore. frown


This thread for sale. Click here! [Linked Image from navaho.infopop.cc]

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
"Recent Posts" box
by SenecaFlyer - 12/13/2024 12:06 PM
Sticky posts and global announcements
by Larry Miller - 12/08/2024 2:30 PM
Profile avatar storage settings
by SenecaFlyer - 12/05/2024 1:24 PM
Not allowing attachment over 2m
by ehill - 12/03/2024 3:16 PM
New Admin Here
by SenecaFlyer - 12/02/2024 4:14 PM
Who's Online Now
3 members (Ruben, SenecaFlyer, 1 invisible), 1,719 guests, and 157 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Ride safe!
Ride safe!
by Morgan, December 7
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Powered by UBB.threads™ PHP Forum Software 8.0.1
(Snapshot build 20240918)