tags:

views:

29

answers:

1
Q: 

File permissions

HI all I have a question regarding file permissions.

I have created a log file lets say "logfile.log" which traps certain errors, now in order for it to be writable i set its permissions to 777. But when i do this, it then is accessible to anyone to read via their browser.

how would i go about solving this issue?

thanks

+2  A: 

Your log file should never be inside a directory that's served up by your webserver.

Also, mode 777 makes your log file writable to anyone on the system, and also makes it executable. A more sane mode is 644, or 600 to be a bit (actually two bits) more paranoid.

Thomas  2010-08-12 19:01:03
or 7 bits more paranoid
Scott M.  2010-08-12 19:01:44
I would think that was two bytes more paranoid myself ...
drachenstern  2010-08-12 19:08:46
OK i put this file outside the webserver directory, but it seems nothing less than 777 will not write to that file, any ideas why this would happen? If i try 644 or 600 the file just doesn't get written to... thanks !
chicane007  2010-08-12 19:13:18
That should not happen. Is the log file's directory writable and executable for the user that PHP is running as?
Thomas  2010-08-12 19:29:30
yes, the directory is set to be writable, readable and executable for the owner, the file its self can only be written to if its set to be writable by "others" whether the owner or group are writable is inconsequential....
chicane007  2010-08-12 19:51:20
FYI for any one else having this issue....i emailed my host and this is what they say:If you have not implemented php-cgiwrap, then php is being run as a module of the Apache web server. As such, it runs as the username 'nobody' and any files owned by you would need to have permissions set accordingly to allow this other user to write to those files. If you implement php-cgiwrap, then all of your php will run as your actual username, instead of 'nobody', and this would allow php to modify files owned by you without having to setup open permissions like 777.
chicane007  2010-08-12 20:11:14
@chicane007 ~ The reason for that is as I responded in the comment above, before I read this answer. It has to do with permissions of the account accessing those files. Best to get your PHP configured how you need it, so get on serverfault and let those guys help you...
drachenstern  2010-08-12 21:51:23

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases