PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Mon Jun 18, 2018 9:53 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Mon Apr 23, 2018 10:37 am 
Offline
Forum Newbie

Joined: Mon Apr 23, 2018 10:32 am
Posts: 1
I've been searching for sources to help me understand Linux Apache permissions from the PHP programmer's perspective getting only the rwx and 755 type descriptions and processes in abundance.

What I need is a *source* that I can learn Linux permissions from the perspective of the *PHP programmer*, not for the Linux admin who has the box locally or remotely. I'd like to know, for example, when to give each of the three users which permissions for my PHP app's directories, data files and PHP scripts on the basis of heightening security.


Top
 Profile  
 
PostPosted: Mon Apr 23, 2018 12:07 pm 
Offline
Forum Newbie

Joined: Sun Jan 28, 2018 12:18 pm
Posts: 9
It took me a while to figure out linux permissions. I made some notes that might help. (See also here: https://unix.stackexchange.com/question ... linux-work)

Here's chmod for PHP: http://php.net/manual/en/function.chmod.php

Here is what the numbers represent:
4: read
2: write
1: execute
0: no permission

Each of what they represent is added together to come up with a final number.
The final numbers are in the usual order: user, group, world.

For example, 'chmod 745 myfile' means 'owner of myfile has all permissions; group has read, no
write, and no execute permissions; world has read, no write, and execute permissions'.



Difference Between File and Directory Permissions

Read ('r' or '4') for Files. Allows a file to be opened and read.

Read For Directories. Allows a directory's contents to be listed, if the execute attribute is also set.


Write ('w' or '2') for Files. Allows a file to be written to or truncated. However this attribute does not allow files to be renamed or deleted. The ability to delete or rename files is determined by (write) directory attributes.

Write for Directories. Allows files within a directory to be created, deleted, and renamed, if the execute attribute
is also set.


Execute ('x' or '1') for Files. Allows a file to be treated as a program and therefore executed. Program files written in scripting languages must also be set as readable ('r' or '4') to be executed.

Execute for Directories. Allows a directory to be entered, e.g., 'cd directory'.

Note the difference here between directory execution, which allows you to enter / access the directory, and file execution, which allows you to run the program contained within the file.

With that I think you'll have the basis to determine exactly what you want your users to be able to do, and program it in.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group