[Fenix]

Hi,
I have a linux apache web server server running and I'm creating files to run just once. Once I run it via the web, I chmod 700 file.php and I shouldn't be able to run it via the web anymore, correct? The only way I can get it to not run is to chmod 000 file.php, but why doesn't 700 work? When I do chmod 700 file.php, I exit my ssh session so I'm not longer associated with the server, therefore I'm in the "other" group, but it still executes. Any ideas?

[O111111O]

You don't have apache jailed / are running the process are root.

Check the ownership of the file.

[AGCurry]

What 01111110 is trying to say is that the web user is not the owner of the file. The owner is whoever apache is running as.

[O111111O]

Quote:

Originally Posted by AGCurry

What 01111110 is trying to say is that the web user is not the owner of the file. The owner is whoever apache is running as.

Yeah, what you said. Except, I think Fenix is trying to prevent an anonymous user from executing the file.

[AGCurry]

I don't know much about PHP. Does a PHP script execute on its own, like a shell script, or is it interpreted like an awk script? If interpreted, all you would need to run it would be read permission.

[O111111O]

Yep, it can execute as shell.

http://us2.php.net/features.safe-mode

[Squashman]

4 - Read
2 - Write
1 - Execute

So what is wrong with it being 600

[O111111O]

I think he wants to be able to execute the file, possibly as authenticated user.