Permissions 777

Discussion in 'NZ Computing' started by John in Surrey, Mar 18, 2006.

  1. John in Surrey, Mar 18, 2006
    #1
    1. Advertising

  2. On Sat, 18 Mar 2006 23:30:09 +0000, someone purporting to be John in
    Surrey didst scrawl:

    > Hi
    > Ive been tols to change permisson on a folder on my webserver to 777
    > The folder is already read and execute with only owner able to wite.
    > Is this the equiv of 777?
    >

    Hi John

    Unix permissions are based on binary representations of the rwx
    permissions. So r is 4, w is 2 and x is 1. 777 means that user, group and
    other all have rwx permissions. What you have is 755 - 4+2+1, 4+1, 4+1.

    --
    Matthew Poole
    "Don't use force. Get a bigger hammer."
     
    Matthew Poole, Mar 18, 2006
    #2
    1. Advertising

  3. John in Surrey

    ChrisOD Guest

    In article <>, Matthew Poole wrote:
    > On Sat, 18 Mar 2006 23:30:09 +0000, someone purporting to be John in
    > Surrey didst scrawl:
    >
    >> Hi
    >> Ive been tols to change permisson on a folder on my webserver to 777
    >> The folder is already read and execute with only owner able to wite.
    >> Is this the equiv of 777?
    >>

    > Hi John
    >
    > Unix permissions are based on binary representations of the rwx
    > permissions. So r is 4, w is 2 and x is 1. 777 means that user, group and
    > other all have rwx permissions. What you have is 755 - 4+2+1, 4+1, 4+1.
    >

    Yes but I am suspicious of a properly configured web server needing 777 on
    a folder.

    This can lower the security significantly on your webserver, depending
    on other factors.
     
    ChrisOD, Mar 19, 2006
    #3
  4. On Sun, 19 Mar 2006 12:14:29 +1200, someone purporting to be ChrisOD didst
    scrawl:

    > In article <>, Matthew Poole wrote:

    *SNIP*
    > Yes but I am suspicious of a properly configured web server needing 777 on
    > a folder.
    >

    It can happen, mostly with poorly-written applications. It can also be a
    problem in a shared-hosting environment, which happens to be the situation
    where you most want to keep security as tight as possible.

    > This can lower the security significantly on your webserver, depending
    > on other factors.

    In shared hosting it's a real problem, because anyone who knows an
    absolute path can get the web server to write up to it. This isn't a
    problem if you're using something like a biba MAC model, but most hosting
    providers lack the necessary skills to be able to implement it properly -
    and this isn't knocking them in any way, because my cursory examination of
    MAC says that it's fucking terrifying.

    --
    Matthew Poole
    "Don't use force. Get a bigger hammer."
     
    Matthew Poole, Mar 19, 2006
    #4
  5. John in Surrey

    ChrisOD Guest

    In article <>, Matthew Poole wrote:
    > On Sun, 19 Mar 2006 12:14:29 +1200, someone purporting to be ChrisOD didst
    > scrawl:
    >
    >> In article <>, Matthew Poole wrote:

    > *SNIP*
    >> Yes but I am suspicious of a properly configured web server needing 777 on
    >> a folder.
    >>

    > It can happen, mostly with poorly-written applications. It can also be a
    > problem in a shared-hosting environment, which happens to be the situation
    > where you most want to keep security as tight as possible.
    >
    >> This can lower the security significantly on your webserver, depending
    >> on other factors.

    > In shared hosting it's a real problem, because anyone who knows an
    > absolute path can get the web server to write up to it. This isn't a
    > problem if you're using something like a biba MAC model, but most hosting
    > providers lack the necessary skills to be able to implement it properly -
    > and this isn't knocking them in any way, because my cursory examination of
    > MAC says that it's fucking terrifying.
    >

    Agreed, I know almost nothing about biba-MAC. I claim the old dogs/new
    tricks clause.
     
    ChrisOD, Mar 19, 2006
    #5
  6. On Sun, 19 Mar 2006 10:36:54 +1200, Matthew Poole <>
    wrote:


    >Unix permissions are based on binary representations of the rwx
    >permissions. So r is 4, w is 2 and x is 1. 777 means that user, group and
    >other all have rwx permissions. What you have is 755 - 4+2+1, 4+1, 4+1.


    Thanks Mathew, what better way to while away a freezing cloudy day in
    Surrey other then cmd / ftp /ls cwd my way back to titahi-bay.co.nz
    I might get homesick!

    thanks

    Images of home (NZ)
    http://www.titahi-bay.co.nz/home
    What we are up to in the UK
    http://www.titahi-bay.co.nz
     
    John in Surrey, Mar 19, 2006
    #6
  7. John in Surrey

    Peter Guest

    Matthew Poole wrote:

    > On Sat, 18 Mar 2006 23:30:09 +0000, someone purporting to be John in
    > Surrey didst scrawl:
    >
    >> Hi
    >> Ive been tols to change permisson on a folder on my webserver to 777
    >> The folder is already read and execute with only owner able to wite.
    >> Is this the equiv of 777?
    >>

    > Hi John
    >
    > Unix permissions are based on binary representations of the rwx
    > permissions. So r is 4, w is 2 and x is 1. 777 means that user, group and
    > other all have rwx permissions. What you have is 755 - 4+2+1, 4+1, 4+1.
    >

    Remember that x has different meanings for folders and files. For files
    (including scripts) it means executable, I think for folders it needs to be
    'set' to allow anyone to 'pass through' the folder which is part of a long
    name eg /home/user/file.txt /home needs to gave x set for user, group
    and all to allow the long name to work. If I am wrong I stand corrected
    in anticipation.
     
    Peter, Mar 19, 2006
    #7
  8. John in Surrey

    Ron McNulty Guest

    That's correct Peter. The 'x' bit for a directory gives search permissions.

    A good default setting for non-sensitive data is 755 - Owner all, group and
    others can search and read.

    Regards

    Ron

    "Peter" <> wrote in message
    news:...
    > Matthew Poole wrote:
    >
    >> On Sat, 18 Mar 2006 23:30:09 +0000, someone purporting to be John in
    >> Surrey didst scrawl:
    >>
    >>> Hi
    >>> Ive been tols to change permisson on a folder on my webserver to 777
    >>> The folder is already read and execute with only owner able to wite.
    >>> Is this the equiv of 777?
    >>>

    >> Hi John
    >>
    >> Unix permissions are based on binary representations of the rwx
    >> permissions. So r is 4, w is 2 and x is 1. 777 means that user, group and
    >> other all have rwx permissions. What you have is 755 - 4+2+1, 4+1, 4+1.
    >>

    > Remember that x has different meanings for folders and files. For files
    > (including scripts) it means executable, I think for folders it needs to
    > be
    > 'set' to allow anyone to 'pass through' the folder which is part of a long
    > name eg /home/user/file.txt /home needs to gave x set for user, group
    > and all to allow the long name to work. If I am wrong I stand corrected
    > in anticipation.
    >
     
    Ron McNulty, Mar 19, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Silverstrand

    Lian Li PC-777 Anniversary Case Review

    Silverstrand, Oct 21, 2005, in forum: Front Page News
    Replies:
    44
    Views:
    3,469
    The Modfather
    Nov 17, 2005
  2. HowburyPete

    File shaing - how to set permissions?

    HowburyPete, Jul 5, 2004, in forum: Wireless Networking
    Replies:
    2
    Views:
    1,317
    HowburyPete
    Jul 7, 2004
  3. Joe Blow

    Ken Boardrow (916) 777-6225

    Joe Blow, Jun 25, 2004, in forum: Digital Photography
    Replies:
    1
    Views:
    335
    EZ-Chill
    Jun 25, 2004
  4. MZB

    Epson 777 printer problem

    MZB, Jan 20, 2007, in forum: Computer Support
    Replies:
    3
    Views:
    507
    WhzzKdd
    Jan 21, 2007
  5. peterwn

    TelstraClear cell phone service and #777

    peterwn, Aug 26, 2008, in forum: NZ Computing
    Replies:
    1
    Views:
    394
    peterwn
    Aug 26, 2008
Loading...

Share This Page