Re: getting a php capability on ubuntu was Re: using scripting languages to automate a browser [message #180431 is a reply to message #180427] |
Wed, 13 February 2013 23:40 |
The Natural Philosoph
Messages: 993 Registered: September 2010
Karma:
|
Senior Member |
|
|
On 13/02/13 04:09, Cal Dershowitz wrote:
> On 02/12/2013 07:27 AM, The Natural Philosopher wrote:
>
>> All here by the looks of it
>>
>> https://help.ubuntu.com/community/ApacheMySQLPHP
>>
>>
>>
>
> Thanks all for comments. I got as far in the process as to have a
> localhost that shows up in a browser and try to write test.php, and I
> don't want to get too far ahead of myself with enabling permissions.
>
> $ cat > test.php
> bash: test.php: Permission denied
> $ pwd
> /var/www
> $ cd ..
> $ ls -l
> total 48
> drwxr-xr-x 2 root root 4096 Feb 1 17:18 backups
> drwxr-xr-x 18 root root 4096 Feb 12 20:06 cache
> drwxrwsrwt 2 root whoopsie 4096 Dec 13 07:35 crash
> drwxr-xr-x 2 root root 4096 Apr 23 2012 games
> drwxr-xr-x 66 root root 4096 Feb 12 20:07 lib
> drwxrwsr-x 2 root staff 4096 Apr 19 2012 local
> lrwxrwxrwx 1 root root 9 Jan 23 02:33 lock -> /run/lock
> drwxr-xr-x 19 root root 4096 Feb 12 20:07 log
> drwxrwsr-x 2 root mail 4096 Apr 23 2012 mail
> drwxr-xr-x 2 root root 4096 Apr 23 2012 opt
> lrwxrwxrwx 1 root root 4 Jan 23 02:33 run -> /run
> drwxr-xr-x 8 root root 4096 Apr 23 2012 spool
> drwxrwxrwt 2 root root 4096 Feb 12 20:02 tmp
> drwxr-xr-x 2 root root 4096 Feb 12 20:08 www
> $
>
> Without any better notion, I would simply chmod a +w here for www, but
> I'd first like to ask if that's a good idea, as sometimes I've found
> that when I lack permission to do something, that it's more like keeping
> me from shooting myself in the foot.
>
> What would you do now?
I would make www owned by (IIRC) www-data or whatever apache runs under,
and group staff and leave the permissions alone.
If that is felt to be a bit lax there are other arrangements involving
sticky bits that can ensure that what goes in there gets allocated to
the right group.
For a nasty hack for testing and getting stuff working chmod 777 the
directory at least. But don't do that on a publicly
visible server.
It pays to understand the permissions system on *nix properly,and use it
as another line of defence against hackers.
#
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.
|
|
|