Ask Question Forum:
Model Library:2025-02-08:A.I. model is online auto reply
C
O
M
P
U
T
E
R
2
8
Show
#
ASK
RECENT
←
- Underline
- Bold
- Italic
- Indent
- Step
- Bullet
- Quote
- Cut
- Copy
- Paste
- Table
- Spelling
- Find & Replace
- Undo
- Redo
- Link
- Attach
- Clear
- Code
Below area will not be traslated by Google,you can input code or other languages
Hint:If find spelling error, You need to correct it,1 by 1 or ignore it (code area won't be checked).
X-position of the mouse cursor
Y-position of the mouse cursor
Y-position of the mouse cursor
Testcursor
caretPos
Attachment:===
Asked by duncanb7
at 2024-08-14 09:49:52
Point:500 Replies:9 POST_ID:828746USER_ID:11059
Topic:
Linux;PHP Scripting Language;Apache Web Server
I would like to set permission control on my server for user on Linux CentOS6
Anyone know it from this tutorial link,
http://www.computerhope.com/unix/uchmod.htm
dxxxyyyzzz, Where d is directory, xxx for server owner, yyy for group user, zzzz for outside users.
When I did " chmod 700 mydir" on linux shell that I want to let my own only
access the mydir for r,w,x permsision and other users in internet could not access this directory
But I tried it on my browser as users and other one can access this directory's index.php.
Why after 700 change, all users can access these diretory?
I thought the issue might be caused by different distribution of Linux such as Centos
It might be not
dxxxyyyzzz or it should be dzzzyyyxxx,
But when I tried "chmod 007 mydir", all users and I (am the owner) that can
Not access the directory's index.php Why ?
And last question, even I can not control group user access , Why and how ?
Please advise
Duncan
Anyone know it from this tutorial link,
http://www.computerhope.com/unix/uchmod.htm
dxxxyyyzzz, Where d is directory, xxx for server owner, yyy for group user, zzzz for outside users.
When I did " chmod 700 mydir" on linux shell that I want to let my own only
access the mydir for r,w,x permsision and other users in internet could not access this directory
But I tried it on my browser as users and other one can access this directory's index.php.
Why after 700 change, all users can access these diretory?
I thought the issue might be caused by different distribution of Linux such as Centos
It might be not
dxxxyyyzzz or it should be dzzzyyyxxx,
But when I tried "chmod 007 mydir", all users and I (am the owner) that can
Not access the directory's index.php Why ?
And last question, even I can not control group user access , Why and how ?
Please advise
Duncan
Author: duncanb7 replied at 2024-08-15 03:06:47
Yes, it is correct and thanks
Accepted Solution
Expert: RitBit replied at 2024-08-15 02:56:51
500 points EXCELLENT
For a webserver (apache) anyone browsing your site is getting the same user-permissions as your webserver, so if you allow your webserver to access a file, the whole world can access that file. So it's way better to protect files using the webserver configuration, either by the configfiles or a local .htaccess file where you can deny/allow access to a file or directory. You can also specify ipadresses or users (if you use authentication), and you can also completely disable the automatic indexing if you like:
<Files private.html>
Order allow,deny
Deny from all
</Files>
or
<Directory /var/web/dir1>
Order allow,deny
Deny from all
</Directory>
or to disable indexing:
<Directory /var/web/dir1>
Options -Indexes
</Directory>
See http://httpd.apache.org/docs/2.2/howto/access.html
or https://httpd.apache.org/docs/2.2/sections.html
But another thing you can check is for file ACL parameters as well as they overrule the standard owner-group-other settings on a file.
Use: getfacl <filename> for that.
and use setfacl to change the acl rules on a file.
<Files private.html>
Order allow,deny
Deny from all
</Files>
or
<Directory /var/web/dir1>
Order allow,deny
Deny from all
</Directory>
or to disable indexing:
<Directory /var/web/dir1>
Options -Indexes
</Directory>
See http://httpd.apache.org/docs/2.2/howto/access.html
or https://httpd.apache.org/docs/2.2/sections.html
But another thing you can check is for file ACL parameters as well as they overrule the standard owner-group-other settings on a file.
Use: getfacl <filename> for that.
and use setfacl to change the acl rules on a file.
Author: duncanb7 replied at 2024-08-14 20:32:34
and I have checked on SSH shell,
that is okay when I set 700 on one directory, other users can NOT access the directory on
SSH shell, so the system format permisision should be duuuyyyzzz, where d is directory, uuu for server owner, yyy for group user, zzzz for outside users.
But why when I go to browser, I still access the index page of that directory that be changed
already to 700 ?
So on SSH shell user control permission works but it doesn't control it on browser
for my case
that is okay when I set 700 on one directory, other users can NOT access the directory on
SSH shell, so the system format permisision should be duuuyyyzzz, where d is directory, uuu for server owner, yyy for group user, zzzz for outside users.
But why when I go to browser, I still access the index page of that directory that be changed
already to 700 ?
So on SSH shell user control permission works but it doesn't control it on browser
for my case
Author: duncanb7 replied at 2024-08-14 19:53:32
drwx------ 2 mysite mysite 4096 jule 28 01:10 yy/
Expert: _jesper_ replied at 2024-08-14 12:01:39
What is the result of:
chmod 700 mysite; ls -ld mysite
chmod 700 mysite; ls -ld mysite
Author: duncanb7 replied at 2024-08-14 10:40:44
yes
Expert: _jesper_ replied at 2024-08-14 10:39:49
Are you logged in as user "mysite"?
Author: duncanb7 replied at 2024-08-14 10:27:35
juts report as follows
drwxrwxrwx 2 mysite mysite 4096 Jul 28 01:10
What is wrong this, and ls -ld?
drwxrwxrwx 2 mysite mysite 4096 Jul 28 01:10
What is wrong this, and ls -ld?
Expert: _jesper_ replied at 2024-08-14 10:22:31
please do an:
ls -ld <your directory>
ls -ld <your directory/public www directory>
ls -ld <your directory>
ls -ld <your directory/public www directory>