|
|
Understanding File Permissions: There are a number of file permissions, which can be used for a variety of different purposes, however we'll limit this tutorial to the ones most commonly used. To begin with, it's important you understand the three categories of
permissions, which are: 1. FTP into your account using your Username and Password. 2. Login via Telnet with the same information.
Setting File Permissions: How To Set Permissions
There are three different ways to set permissions for your files and directories within your account. 1) File Manager, 2) FTP, and 3) Telnet. We DO NOT encourage the use of Telnet if it is only being used for setting permissions and will forego its explanation here.
Setting Permissions Using Your File Manager
Log into your control panel and then click on "file manager."
You will now see a list of directories within the root of your account. Since all of your html files and subdirectories are uploaded and created within your public_html directory, you need to click on the file folder next to the public-html directory name.
The directory will open and in the upper right hand corner, there will be a list of actions that you can perform for that directory. Next click on the file icon located next to the text name of the file that you want to change permissions for.
Again, in the upper right hand corner you will see a list of actions that you can perform with this file. Simply click on Change Permissions, select the appropriate permissions and save.
Setting Permissions using Fetch for MAC:
If you have Fetch for the Mac, you have an easy way to change permissions.
Go to the file you want to change the permissions on, and highlight it. Under the Remote menu, select Change Permissions.
A window will pop up showing the current permissions for the file you had highlighted. Click on the boxes to change permissions as needed.
Setting Permissions Using WS_FTP for Windows:
WS_FTP accomplishes the same task as above. Just highlight the file you want to check, and right-click on it.
A menu will pop up, then select CHMOD.
Click on the appropriate settings as needed.
755 allows the owner "Read and Write" access, while allowing the Group and Public "Read and Execute" permissions.
So what are we actually saying? In short, when users access your cgi script, the server has been instructed to grant them permissions to "Read and Execute" it. Sound scary? It's not actually…
For example, if they wanted to post a message to your wwwboard discussion forum, then they would need these permissions to execute wwwboard.pl, which would write their new message to an html file, which is displayed on the main forum.
The new message would reside in a directory on your site so other users could view it.
Most cgi, perl and other scripts
you'll be installing come complete with instructions telling you which
permissions you'll need to set them to.
For example, some less experienced users often make the fatal mistake of simply setting ALL of their files to 777.
While 777 will automatically allow executing privileges, it
also allows full "READ, WRITE, and EXECUTION ability to the entire world!!!!
This could result is them gaining full access to your
directories, which means they can do anything from deleting your entire
site, to defacing it with obscenities.
http://www.w3.org/Security/Faq/www-security-faq.ht
|
|
|||||||||||||||||
Copyright © 2002 1st Host Web
281-477-8650