Writing data to a file with 777 permission
I have a 开发者_Python百科.TXT file in a web-server with the permission as 777. So what are the changes that others might be able to edit the content of this file? The content is not much - just a number. Someone seems to have been tinkering with this file as the number vanished the other day!
No one else except me has the FTP password. So I was wondering if it's the permission that's giving it away? I'm a client side script programmer and don't have much knowledge about Linux and permissions.
If it's 777, that means anyone with an account on the system, or any application running on the system (including PHP scripts, even those owned by those other than you) can modify the file in any way.
So, yes, it's possible someone tinkered with the file. Could it perhaps have been a bug in your PHP script that removed the number?
If you can do so, it would be best to reduce the permissions to something more restrictive, like 644. This will still work if the PHP script that accesses the file is executed as the same user that owns the file. Many webhosts are configured this way, so you might be able to do this. 644 means the owner of the file can read and write to it, while others can only read.
It's the last 7 that is the problem. That 3rd 7 means read/write/execute permission for any user on the system. For many hosting providers, 640 or 660 is sufficiently secure for files you need to write.
Anybody can write anything in the file, and the file can be executed by anyone. If you never intend it to be a script, use 666 permission (or more restrictive); if do intend it to be a script, don't allow anyone to modify it (755).
精彩评论