On Thu, May 31, 2001 at 02:08:54AM -0500, Nichole Bialczyk wrote:
> ----- Original Message -----
> From: "Asim Memon" <[EMAIL PROTECTED]>
> To: "Nichole Bialczyk" <[EMAIL PROTECTED]>
> Sent: Thursday, May 31, 2001 2:07 AM
> Subject: Re: writing to a text file --> permission denied
>
> > are you sure the permissions are set...as in if the browser is
> > writing then you have to make sure the file is writable by
> > everyone...
> > just to make sure so a
> > chmod 777 filename
> >
> > this will let everyone write to your file.
This solution is to be avoided if at all possible; opening up the file to be
writeable by everyone is a bad idea. What I usually do is change the
ownerships to be either owned by the web server, or owned by the web server
group. This works on many of the the systems I run because Apache runs as
the apache user, in the apache group; I would not suggest it for systems
where the web server runs as nobody:nogroup.
If you insist on making the file world-writeable, at least restrict the
permissions on the directories leading to the file so that only the web
server, or at the most, other daemons, can get to the file.
For example, if the web site is /home/foo/www.foo.com, and all users belong
to the group 'users', change the permissions of /home/foo or
/home/foo/www.foo.com to 701, and the group ownership to 'users'. This
keeps any other system users from getting into the directory, but still
allows the web server to get in (it shouldn't belong to the 'users' group
because, after all, it isn't a user). This is less optimal than restricting
the writeability of the file, because other daemons could get in, but it's a
bit more secure.
This is a bit off the topic of Perl, but security issues are important, and
should be kept in mind.
Michael
--
Administrator www.shoebox.net
Programmer, System Administrator www.gallanttech.com
--
