Bojan Tesanovic wrote:
Heh you are really new to Linux
permissions on linux are set per user/group/other bases
so for most secure set permissions to read only for web-server user
so
chown 'webserveruser' file.php
chmod 400 file.php
make sure you have root access at server so you can change that file
or make a group for web-server as your group and set
read permissions on group level
chmod 440 file.php
Thank-you
But most web sites are virtually hosted and do not have root access to
set this up.
Most people just take the package and install with default masks.
So again I ask:
Are there are any security concerns when the read permission
is set on other. ie Couldn't one write a program to remotely read the
contents of the file.
Wouldn't it be better if the read permission was set for
user only and the php engine
could run the program as user like one can do for cgi using suEXEC.
Again thanks
David J.
