In message <[EMAIL PROTECTED]>, James Keeline <[EMAIL PROTECTED]> writes >--- On Mon, 9/29/08, Pete <[EMAIL PROTECTED]> wrote: >how can I see what the settings are for this >> file? And what "owner" will PHP be known as? >> >> -- >> Pete Clark > >That depends on the operating system of the server which provides your web >hosting. In most cases you will have a particular user for login/SFTP/scp. >The >webserver user is normally different (a good thing) and many Apache >installations will use a nonprivileged user such as "nobody" or "apache" or >"httpwww" or something similar. > >If you have command-line access (ie ssh) to the server, you can perform some >basic commands (ie Linux or Unix's ls -l) to see the permissions and ownership >of your files.
Yes, I can visit this dedicated server with PuTTy. I see 2 columns, I guess this is permission and owner. In some places, one or both of the columns is pete (me), in some places a previous programmer, and there is also one root, and a few apache. I am going to look into "owners and permissions", now that you have pointed me in the right direction, but can you give me a quick fix for this file? It's marked as pete and pete. I think that I should either change it (no idea how) to apache, or perhaps delete it? Files are normally uploaded using SSH/Subversion, but sometimes they are manually uploaded by secure FTP. I expect that is the difference. And I also expect that this is why, if I upload a file manually, svn sometimes crashes when it tries to upload. >If you don't have this access, your SFTP/scp (you aren't still >using regular unsecure FTP right?) client program likely has a command to see >and possibly set some values. Well, I admit to unsecure FTP in places. Is this because of sniffing out passwords? >As always, be careful with ownership and permissions. As soon as you have a >file or directory which can be written by PHP, there is an opportunity for an >outsider to abuse it. The Google sitemap will be re-created every night, *I* wouldn't think that it would be an issue if someone overwrote it for a few hours... although I am not sure how it could be done. Do you have any links for info about unsecure FTP, and issues with directories available to written by PHP? > >James > -- Pete Clark
