vb.org Archive - chmod777?

Quote:

Originally Posted by BSMedia (Post 1983191)

It gives the files/scripts permission to read/write and execute code.

That's a little simplistic. I think more detail is in order. The explanation below is still lacking completeness, but I think it gives the critical level of detail you need before you start mucking around with your servers file system security.

On a Unix (Linux) based system each file has three sets of permissions:

Owner
Group
Other

Every file has an owner - every file has a group.

Every one of those owners or groups has 3 permissions on the file:

Read
Write
Execute

These are represented by numeric values in *nix parlance.

Read for owner = 4 0 0
Read and write for owner = 600
Read write and execute for owner = 700

So, for example, if you log into a *nix server and issue the command ls -la you may see some results like this:

-rw-r--r-- 1 www apache 19102 Feb 4 11:05 announce.php
-rwxrwxrwx 1 root users 881 Dec 19 2005 vbfile.php

The first line tells us that announce.php is owned by the user www and is a member of the group apache. The rights issues to this object are:

Owner (www) read & write
Group ( apache) read only
Other ( everyone else) read only

The second line tells us that the file vbfile.php is owned by root and is a member of the group users, however since this file is CHMOD 777 (read, write & execute) for everyone, the owner doesn't really matter, anyone can do whatever they want with this file.

This is the most dangerous and insecure file permission setting possible. It's rarely necessary.

For example, you may wish to deny execute to everyone except the owner for a CHMOD of
766

If you're talking about webserver access, you can make the file owned by the user the webserver executes under (apache on most linux systems), and CHMOD 700 - still very insecure, but better than 777

I'd suggest the OP read over this page:

http://www.arsgeek.com/2007/01/24/li...rets-of-chmod/

This will help get you started.

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (6)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

X vBulletin 3.8.12 by vBS Debug Information

Page Generation 0.01042 seconds
Memory Usage 1,724KB
Queries Executed 10 (?)

More Information

Template Usage:

(1)ad_footer_end
(1)ad_footer_start
(1)ad_header_end
(1)ad_header_logo
(1)ad_navbar_below
(2)bbcode_quote_printable
(1)footer
(1)gobutton
(1)header
(1)headinclude
(6)option
(1)post_thanks_navbar_search
(1)printthread
(6)printthreadbit
(1)spacer_close
(1)spacer_open

Phrase Groups Available:

global
postbit
showthread

Included Files:

./printthread.php
./global.php
./includes/init.php
./includes/class_core.php
./includes/config.php
./includes/functions.php
./includes/class_hook.php
./includes/modsystem_functions.php
./includes/class_bbcode_alt.php
./includes/class_bbcode.php
./includes/functions_bigthree.php

Hooks Called:

init_startup
init_startup_session_setup_start
init_startup_session_setup_complete
cache_permissions
fetch_threadinfo_query
fetch_threadinfo
fetch_foruminfo
style_fetch
cache_templates
global_start
parse_templates
global_setup_complete
printthread_start
bbcode_fetch_tags
bbcode_create
bbcode_parse_start
bbcode_parse_complete_precache
bbcode_parse_complete
printthread_post
printthread_complete

Messages:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01042 seconds Memory Usage 1,724KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (6)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: