Web Hosting Talk






PDA

View Full Version : Chmod 007

PhoneSupport
04-27-2004, 11:15 AM
Hello,

If I CHMOD a php script 007 (As in it can only be viewed by the public), can a Cpanel home backup copy it (From the clients Cpanel)?

Thanks,

James
sprintserve
04-27-2004, 06:32 PM
007 means only the public can read, write and execute the file. That makes absolutely no sense at all from a system standpoint. As for your question, yes it can.
rghf
04-27-2004, 06:45 PM
Hmm prehaps they should introduce the command chmod bond :)

I'll get me coat

Rus
sprintserve
04-27-2004, 06:51 PM
Sure. You can have the coat. I get the girls :D
PhoneSupport
04-28-2004, 03:29 AM
Originally posted by sprintserve
007 means only the public can read, write and execute the file. That makes absolutely no sense at all from a system standpoint. As for your question, yes it can.

I wanted it so that

1 - The owner can not eddit the file, nor copy it.

2 - So that it can still execute/run from their website (Hence 7 on public)

Thanks for your comments anyway :)
rghf
04-28-2004, 03:32 AM
Well as an aside copying will be easy if they can access it from the web browser. They could just save it on their hard disk and upload it

Rus
PhoneSupport
04-28-2004, 11:53 AM
Not a php file ;)
pozmu
04-28-2004, 02:04 PM
if cpanel is root or nobody... probably ;) just try this and show us the results
BigGorilla
04-28-2004, 03:51 PM
Originally posted by WebspaceUK
I wanted it so that

1 - The owner can not eddit the file, nor copy it.

2 - So that it can still execute/run from their website (Hence 7 on public)


First you probably want 005, not 007 (do you really want the webserver to be able to write to the file?)

Second, all the owner has to do is chmod the file to copy it.

Third, yes cPanel will still back up this file if the user does a home directory backup.

and Forth (in case you disabled file manager) if the owner has the ability to create files in their own web directory, it's still very easy to get the source of that file if the webserver can read it.

If you don't want the user to have access to the source of the PHP, you should encode it (using whatever technology you have on your server, such as zend or ioncube). The user will still be able to copy it, but not change it.
PhoneSupport
04-29-2004, 03:09 AM
It is currently in Zend ;)

Thanks for that :)
nightwar
05-11-2004, 12:16 AM
perhaps try putting the file outside of the nested directory, and call an absolute path on the backend? im not 100% fluent with cpanel, but have enough unix admin background, where that would make sense?