File Permissions And Groups
The groups are:
a.. User - the 'user' group consists only of the owner of the file (your
account, in most cases)
b.. Group - the 'group' group consists of the other users on the server --
you can usually remove their permissions entirely if you think it is necessary
c.. Other - the 'other' group consists of everyone else -- most importantly,
the web server falls into the 'other' category
The potential permissions are:
a.. Read - the 'read' permission allows a user or program the ability to read
the data in a file
b.. Write - the 'write' permission allows a user or program the ability to
write new data into a file, and to remove data from it
c.. Execute - the 'execute' permission allows a user or program the ability
to execute a file, if it is a program or a script
Setting Permissions On Directories
The same permission settings are used on directories, but the meaning is
slightly different. For a directory, the read setting controls whether or not a
directory can be read for a listing of files. More importantly, the execute
setting controls whether or not a directory can be searched for a particular
file. Read without execute is almost useless, but execute without read is
useful for letting a directory be used but not searched. This is why setting
your home directory to 701 allows the Web server to reach your public_html
symbolic link, but protects your directory from other snooping. For more
information on setting permissions, login by Telnet or SSH and issue the
command "man chmod".
execute 1
write 2
read 4
NumericCode Permissions
700 User: read, write, execute
Group: none
Other: none
755 User: read, write, execute
Group: read, execute
Other: read,execute
777 User: read, write, execute
Group: read,write,execute
Other: read,write,execute
707 User: read, write, execute
Group: none
Other: read, write, execute
NOTES: Code 707 can usually be substituted for 777, and is a little more
secure as it cuts out direct access by other users. "Other" must maintain at
least read access to any normal file in your web space, in order for the web
server to be able to serve it to your site viewers.
[Non-text portions of this message have been removed]
