Results 1 to 4 of 4
  1. #1

    Unhappy File/Folder security & permissions ...

    Hi all ,

    I admin one of our company sites . I'm not a born admin or guru , so the other day when I typed the following into a browser : (real name witheld)

    I saw a number of folders :

    bin - etc - lib - mail - pub

    I , as anyone else could access those folders & look inside .

    All were empty except lib & mail . Mail had 1 file of 0 bytes . Lib has several files : : : : : : : :

    Everyone of those files can be accessed and/or downloaded .

    SHOULD this be possible ?? - and if NOT what's the best way to safeguard these folders/files - are they important ??

    We use Cpanel with this particular host . I went into File Management and played arround a little with "permissions" - but all I succeeded in doing was altering permissions for some ofther folders/files , such as WWW etc.

    I need help from somone who can tell me the best (safest) level permissions to use on the main site working folders/files .

    I'm basicaly looking for the best CODE (eg. 505,700) to use as permissions for the highest level of safety .

    We (company) mainly use the server email & webmail . Thus there are other users who need to be able to access those but nothing else . (they need to be able to also change their passwords in Neomail) .

    Thanks for any help .

  2. #2
    Join Date
    Jun 2001

    chrooted ?


    perhaps your accessing a chrooted environment via this ftp account and its already safe.

    The files you have found (in the libs dir) are librarys which could be loaded dynamicly into applications to use some function. In linux they are called .so in Windows they are called .dll.

    They are something very normal and i think everyone needs at least read access to them. So perhaps a good permission is to allow everyone read but nothing more.


  3. #3
    I'm guessing this is anonymous FTP and you didn't know about it?

    As a security measure, you shouldn't have anonymous FTP at all unless you absolutely need it so since it seems like you have no reason to have it, you should get rid of anonymous logins.

    Those directories are normal for an anonymous FTP account, I'd just suggest you get rid of anonymous FTP.
    Affordable Hosting Solutions

  4. #4
    Thanks guys .. I'm a little less worried now . I guess I panicked a little there .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts