Results 1 to 9 of 9

Thread: 755 Permission

  1. #1

    755 Permission

    Most of my files are 755 as permission. Is this safe?
    How about putting all files under 644 permission? What is the best permission so that all files are safe from intrusion?

  2. #2
    Join Date
    Apr 2005
    Posts
    1,711
    I usually keep files 0644, and directories 0755

  3. #3
    That depends I which files, OS, http software, http software security that is installed. You would have to elaborate more before anyone could answer your question.

  4. #4
    Join Date
    Apr 2000
    Location
    California
    Posts
    3,051
    Depending on the file, 0400, 0600, 0700 and 0711 are best. (i.e., 0400 for files that only need to be read, 0600 for files that only are read and written to by your own user, 0700 for scripts to execute as your own user only, 0711 for directories files and scripts reside in, and 0700 again for directories that your own user read/write to and don't need any direct web access). But, that depends, and sometimes you can't set them that low and need 0644 and 0700, 0711 or 0755. The lower, the better, if it'll work for you (depending on your server configuration and the type of file).

  5. #5
    Join Date
    Oct 2004
    Location
    Kerala, India
    Posts
    4,750
    Quote Originally Posted by zionchild View Post
    Most of my files are 755 as permission. Is this safe?
    How about putting all files under 644 permission? What is the best permission so that all files are safe from intrusion?
    php, html needs only 644 permission. perl, cgi files needs 755 permission. Directories need 755 permission. The configurations files of softwares such as gallery, forum etc. needs only 600 permission.
    David | www.cliffsupport.com
    Affordable Server Management Solutions sales AT cliffsupport DOT com
    CliffWebManager | Access WHM from iPhone and Android

  6. #6
    Join Date
    Apr 2000
    Location
    California
    Posts
    3,051
    Quote Originally Posted by david510 View Post
    php, html needs only 644 permission. perl, cgi files needs 755 permission. Directories need 755 permission. The configurations files of softwares such as gallery, forum etc. needs only 600 permission.
    If the configuration files only need to be 600, then the scripts are running as the user's own username. If not, than it'll need 644, 604, 444, 606, etc., or 666 (bad) or some 777 (bad). Overall, I mean, if 600 will work and they are running as the user anyway, that means 700 for CGI scripts is better, and directories should be 711 regardless, unless you want to have file listing (710 if scripts run as your own user), and if PHP runs with suphp or phpsuexec or just as normal CGi with a shebang, then 700 is again best. Anyway, again to the OP; the lowest you can get them for read, write, read/write and execute (or read, write and execute) as always best, so give a few a try and see what works.

  7. #7
    Join Date
    Nov 2001
    Location
    Ann Arbor, MI
    Posts
    2,978
    You could start with 0000 and grant read and write permissions until everything works. Basically, give the least permission necessary, which Tim has already said in one form.

    You could ask your host for what was minimally required to get things to work.
    -Mark Adams
    www.bitserve.com - Secure Michigan web hosting for your business.
    Only host still offering a full money back uptime guarantee and prorated refunds.
    Offering advanced server management and security incident response!

  8. #8
    Thank you very much for all your valuable discussion on permission. I have bookmarked the page for future reference and I will just go back to this thread when I have a new question. Again, thank you.

  9. #9
    Join Date
    Apr 2000
    Location
    California
    Posts
    3,051
    Ask your host, or test from lowest to highest. I don't believe starting at 0000 is worth the time, you should start higher (i.e., 0400) at the lowest (such as read only), as if no permissions at all were set, then you would likely not need the file there (unless you have files that you want to store, but ensure no one can access them).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •