File Permissions And Groups The groups are:
a.. User - the 'user' group consists only of the owner of the file (your account, in most cases) b.. Group - the 'group' group consists of the other users on the server -- you can usually remove their permissions entirely if you think it is necessary c.. Other - the 'other' group consists of everyone else -- most importantly, the web server falls into the 'other' category The potential permissions are: a.. Read - the 'read' permission allows a user or program the ability to read the data in a file b.. Write - the 'write' permission allows a user or program the ability to write new data into a file, and to remove data from it c.. Execute - the 'execute' permission allows a user or program the ability to execute a file, if it is a program or a script Setting Permissions On Directories - The same permission settings are used on directories, but the meaning is slightly different. For a directory, the read setting controls whether or not a directory can be read for a listing of files. More importantly, the execute setting controls whether or not a directory can be searched for a particular file. Read without execute is almost useless, but execute without read is useful for letting a directory be used but not searched. This is why setting your home directory to 701 allows the Web server to reach your public_html symbolic link, but protects your directory from other snooping. For more information on setting permissions, login by Telnet or SSH and issue the command "man chmod". execute 1 write 2 read 4 NumericCode Permissions - 700 User: read, write, execute Group: none Other: none 755 User: read, write, execute Group: read, execute Other: read,execute 777 User: read, write, execute Group: read,write,execute Other: read,write,execute 707 User: read, write, execute Group: none Other: read, write, execute NOTES: Code 707 can usually be substituted for 777, and is a little more secure as it cuts out direct access by other users. "Other" must maintain at least read access to any normal file in your web space, in order for the web server to be able to serve it to your site viewers.
