httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Coleman DTI <ra...@dti-web.com>
Subject Re: FTP and CHMOD
Date Thu, 10 Jan 2002 02:08:34 GMT
<html>
<font size=3>Hi Vernon<br>
The FTP program on the server regulates whether or not you can change
permissions of files. Also, if the logged in user is different than the
owner and doesn't belong to the group, you won't be able to change them
either. I try to have the files for each virtual host set to that user
and use a common group so I can go in and modify any with my one login.
This prevents my clients from being able to alter other resources which
are placed in their space (such as web logs and statistics reports).
Concidering your other request though, I would tend to agree that you
have a permissions problem. Most of my public areas are chmod'ed 755 but
you might want to set yours at 777 to test and see if it lights up in a
browser and work your way down from there<br>
On my RH6.2 I would <br>
chmod -R /home/Username/WWW<br>
that's assuming you have nothing under /WWW/ that would be dangerous to
make world accessible for testing....<br>
<br>
Randy<br>
<br>
At 1/9/02 01:05 PM -0500, you wrote:<br>
<blockquote type=cite cite>I have noticed that when an ftp program is
used to access <br>
an ftp account that file within that account have certain <br>
permissions. In the ftp program I am using I also have an <br>
options to change those permissions using chmod, but when I <br>
try to use it, I get an access denied error message. My <br>
questions are as follows: <br>
<br>
Is this by design and do I want to have it set that way for <br>
security purposes? Is there any reason a web designer would <br>
need to change those permission? I would imagine they do. <br>
<br>
For instance I know on my Windows box I will not allow a <br>
user to read files from a location where a database may be, <br>
because I don't want them downloading that database. So I <br>
would give that folder execute and write permissions, but <br>
not read. It would seem that it would be a good thing to <br>
give an ftp user the ability to do this since they might <br>
have cause to do such a&nbsp; thing, but on the other hand, <br>
would that same user be able to upload a malicious file to <br>
the server, like a Trojan horse, and execute it?<br>
<br>
<br>
<br>
---------------------------------------------------------------------<br>
The official User-To-User support forum of the Apache HTTP Server
Project.<br>
See &lt;URL:http://httpd.apache.org/userslist.html&gt; for more
info.<br>
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org<br>
For additional commands, e-mail:
users-help@httpd.apache.org</font></blockquote></html>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message