[plug] re-submit: permissions on Web at ISP
wayne
hatari at iinet.net.au
Tue Jun 4 10:25:32 WST 2002
On setting up U,G,O permissions on a my website (hosted at an ISP)....
Q's arising:
1. What permissions for me to do necessary tasks, and allow external Users http access - but exclude external Users from doing nasty or deliberate stuff(ups)?
My logic is User is an "other" and only needs r access (someone has told me they only need x ) ?
Can they be prevented from reading site files but still do http?
2. An external ISP User can fill in a data form that calls a Perl script from cgi-bin. The perl extracts the data and stores it in a file in another directory. What permissions on the html file and what on the perl&dir and what on the file&dir? Neither the User or any other should be able to access that file. Remember this is hosted at an ISP, and I am only be a member of that site.
My logic (where a=any .=none and rwx=normal) is:
html file&dir ugo= aaa ... x.. or aaa ... x.r ?
perl&dir ugo= xaa ... ... ?
data&dir ugo=awr ... ... ?
Script will need to write data entered by user to a file in another directory but no-one should not be able to re-access it.
3. What about telnet, ftp and other prevention on same setup?
Regards to all,
wayne.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20020604/e225bd2a/attachment.html>
More information about the plug
mailing list