LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-24-2006, 07:10 AM   #1
wissyweb
LQ Newbie
 
Registered: Jan 2006
Posts: 1

Rep: Reputation: 0
Question File write permissions of 777 and 755


I have a web server with several domains hosted on it and have some folders set to 777 to allow (usually shopping carts) to write text files and upload images etc.

I have been hacked and all folders set to 777 have had files written to them which caused shopping carts etc to malfunction.

If I set the permissions to less than 777 I am unable to write successfully. Some servers are able to set permissions lower than 777 (say 755) others are not. I beleive this may be related to the PHP user which is usually set to 'nobody'.

I am getting a new server (with Fedora Core Linux) - how can this be set up so that PHP scripts within a domain can write to folders set lower than 777?
 
Old 01-24-2006, 08:41 AM   #2
marozsas
Senior Member
 
Registered: Dec 2005
Location: Campinas/SP - Brazil
Distribution: SuSE, RHEL, Fedora, Ubuntu
Posts: 1,393
Blog Entries: 1

Rep: Reputation: 64
I do not believe your site was cracked because the folders/files permissions. A more logical cause is a bug in your php scripts that allow the attacker gain a shell with the same previlegies the php user has.

Anyway, change the owner of folders and files to the same php user. chmod -R nobody:nobody /path/to/your/rootdocumentfolder and chmod -R go-rwx /path/to/your/rootdocumentfolder.

good luck next time,
 
Old 01-24-2006, 09:12 AM   #3
oneandoneis2
Senior Member
 
Registered: Nov 2003
Location: London, England
Distribution: Ubuntu
Posts: 1,460

Rep: Reputation: 46
And if you don't want/can't set the files to be owned by the PHP user, then set the 'group' permissions to 7 and make sure that the PHP user is a member of the same group that owns the files.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
grip : no write access to write encoded file bidouilleur Linux - Software 5 10-09-2010 10:23 PM
home directories created w/ 755 permissions psychobyte Linux - Security 8 01-16-2006 10:36 PM
755 permissions via samba for a CDrom or DVDrom... howto in debian? Lleb_KCir Linux - General 1 03-13-2005 01:39 PM
cannot edit file as root with write permissions set? Mishley Red Hat 4 08-05-2004 01:23 PM
chmod 755 won't change file permission. duffboygrim Linux - General 11 04-29-2004 07:17 PM


All times are GMT -5. The time now is 08:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration