Heh you are really new to Linux
permissions on linux are set per user/group/other bases
so for most secure set permissions to read only for web-server user
so
chown 'webserveruser' file.php
chmod 400 file.php
make sure you have root access at server so you can change that file
or make a group for web-server as your group and set read permissions
on group level
chmod 440 file.php
On May 12, 2008, at 4:45 PM, David Jourard wrote:
Hi,
I'm very new to php.
One thing I noticed in order to run the php program (on a linux
server) I
need to set the read permission
for Other.
In this program I'll have the MySQL credentials defined.
Are there are any security concerns when the read permission
is set like this. Wouldn't it be better if the permission was set for
user only and the php engine
could run the program as user like one can do for cgi using suEXEC.
Couldn't one write a program to remotely read the contents of the
file.
Thank-you
David J.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Bojan Tesanovic
http://www.carster.us/
