| voipfc 2007-03-19, 7:19 am |
|
I need some clarification on the permissions required by the web
server user (apache, nobody) required on the user's directories.
A lot of guides state that permissions should be set to 755 on files
in the web directory tree, but in the case of CGIs it doesn't appear
to make sense to me.
1. in Linux/Unix is it possible to list directory files, without being
able to viewing their contents. Does the x permission allow that.
2. Unless the web server is serving files directly does it require the
permission to read them. e.g if all the files on the site have
the .php extension and further up the directory hierarchy there is a
php handler that processes php files from them on, mostly via includes
etc will the web server require the read or the listing permission on
them?
Some users append .php to all other files non php code files and
process them through php. If the CGI takes over from them does the
apache user require read or listing rights on them?
3. What constitutes the other users in the ugo scheme? Is it a
specially designated group or every user who is not in the files group.
|