Yes. 644 => (Binary) 110_100_100 => RW-(User)_R--(Group)_R--(Other) Only the User (owner of the files) can write the file, but members of the owner group and all others can read it. Search for "man chmod" and you will get a detailed explanation of permissions. Check directory permissions as well. A file can only be deleted from or added to a directory if the the perpetrator has write permission (as user or group or other) on the parent directory. Peter West "See that you do not despise any of these little ones..." On 4 Oct 2014, at 12:51 pm, Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx> wrote: > On 10/3/2014 8:04 PM, Richard wrote: >> >> >> ------------ Original Message ------------ >>> Date: Friday, October 03, 2014 19:51:59 -0400 >>> From: Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx> >>> To: php-general@xxxxxxxxxxxxx >>> Subject: Re: Re: hacked!! >>> >>> On 10/3/2014 5:11 PM, ellis@xxxxxxxxxxx wrote: >>>>> And how do I know what the web server can do? >>>> >>>> The web server *executes* PHP scripts. Most likely one or >>>> more of those scripts has a bug that was used to write >>>> files into your document tree. Your document tree should >>>> not be writable but most likely is. >>>> >>>> -- >>>> http://www.spinics.net/lists/ >>>> >>> None of my scripts do any file uploading (to the server). None. >>> >>> I still don't know how I can tell what permissions the web server >>> has. >> >> >> There is no requirement that your scripts (be programmed to) upload >> files. All it takes is for you to have a poorly written php script, >> e.g., perhaps something where you don't properly/fully sanitize >> values you pick up from the QUERY_STRING, for a hacker to be able to >> modify a file (assuming that the file permissions are set >> inappropriately). >> >> What are the ownerships and permissions on the directories and files >> under your web root? >> >> - Richard >> >> You mean like '644'? > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php