[Supramania]

Quote:

Originally Posted by BSMedia

It gives the files/scripts permission to read/write and execute code.

That's a little simplistic. I think more detail is in order. The explanation below is still lacking completeness, but I think it gives the critical level of detail you need before you start mucking around with your servers file system security.

On a Unix (Linux) based system each file has three sets of permissions:

Owner
Group
Other

Every file has an owner - every file has a group.

Every one of those owners or groups has 3 permissions on the file:

Read
Write
Execute

These are represented by numeric values in *nix parlance.

Read for owner = 4 0 0
Read and write for owner = 600
Read write and execute for owner = 700

So, for example, if you log into a *nix server and issue the command ls -la you may see some results like this:

-rw-r--r-- 1 www apache 19102 Feb 4 11:05 announce.php
-rwxrwxrwx 1 root users 881 Dec 19 2005 vbfile.php

The first line tells us that announce.php is owned by the user www and is a member of the group apache. The rights issues to this object are:

Owner (www) read & write
Group ( apache) read only
Other ( everyone else) read only

The second line tells us that the file vbfile.php is owned by root and is a member of the group users, however since this file is CHMOD 777 (read, write & execute) for everyone, the owner doesn't really matter, anyone can do whatever they want with this file.

This is the most dangerous and insecure file permission setting possible. It's rarely necessary.

For example, you may wish to deny execute to everyone except the owner for a CHMOD of
766

If you're talking about webserver access, you can make the file owned by the user the webserver executes under (apache on most linux systems), and CHMOD 700 - still very insecure, but better than 777

I'd suggest the OP read over this page:

http://www.arsgeek.com/2007/01/24/li...rets-of-chmod/

This will help get you started.