hi,every
i have a php project and use centos to go
and how to make folder's privilage and make it saft
like: /home/htdocs/test
chown -R www:www /home/htdocs/test
chmod -R 644 /home/htdocs/test
etc
thanks very much
On 1/03/2011, at 4:51 AM, Yang Yang wrote:
hi,every
i have a php project and use centos to go
and how to make folder's privilage and make it saft
like: /home/htdocs/test
chown -R www:www /home/htdocs/test
chmod -R 644 /home/htdocs/test
Almost correct, but directories also need the 'execute' permission. 644 for files, 755 for directories.
chmod 755 /home/htdocs/test/
You seem new to this, so I should also point you to the following, which will give you a good head-start.
http://phpsec.org/projects/guide/ http://www.owasp.org/index.php/Main_Page
and this is a tutorial for PHP in a Chinese context, although on a Windows platform.
http://www.herongyang.com/PHP-Chinese/
再见! 胡鑫
On 02/28/11 7:51 AM, Yang Yang wrote:
hi,every
i have a php project and use centos to go
and how to make folder's privilage and make it saft
like: /home/htdocs/test
chown -R www:www /home/htdocs/test
bad idea, the webserver should NOT own or have write access to web files.
chmod -R 644 /home/htdocs/test
as someone else said, directories need 'execute' privilege (which really means permission to list the dir). also, the webserver needs +r access to any directory above the http directory.
chmod o+r /home/htdocs
I'm curious, is htdocs a user account? putting web pages in a non standard place like this will trip up selinux bigtime. the standard http directory on CentOS is /var/www/html/ ... I generally put application websites other than the system default site in /home/(owner-of-application)/public_html but this also requires some tinkering with selinux, and of course, a file in /etc/httpd/conf.d with the virtual host specifications
-
Cameron Kerr -
James Hogarth -
John R Pierce -
Yang Yang