chmod 755 or -rwxr-xr-x, huh what??

Deb · 01-26-1999, 04:01 AM

Quote:

Q. My script don't work?
A. You have the permissions set wrong. Try chmod 755
Q. HOW?

chmod = change mode = set the permissions.

Many are unsure how to do this, and once the how is figured out the confusion between Octal and symbolic shows up...

Q. How to do it?
The answer to this question is easy if you are using telnet. From the prompt simply type chmod mode filename
[example: chmod u=rwx,go=rx file.cgi (u = user, g = group, o = other)]
There is more info available in telnet by typing man chmod or better yet type info \(fileutils\)

If you are using an FTP program, the answer varies.. usually you need only right click on the file and the option will be in the menu. If not, open HELP and search for "chmod" or "permissions" or "change mode". Most FTP programs have this feature readily available. Some utilize octal, others utilize symbolic, yet others offer both. Making it equally important to understand how to convert between the two.

Octal and symbolic???

Some scripts may say 755 this is octal. Others may say -rwxr-xr-x this is symbolic. They both are telling you to set the permissions the same exact way

Read = r = 4
Write = w = 2
Execute = x = 1

There are three types that can get to a file if you allow them to... The Owner, The Group, and Everyone else.

So let's say myfile.cgi needs me, the owner, to be able to do everything (read it, write to it, and execute it), we need the group (people/machines with my same access) to be able to read it and execute it but we do not want them to write to it, and we need the same permissions given to everyone else.

User = rwx or 7 (since 4 + 2 + 1 = 7)
Group = r-x or 5 (since 4 + 0 + 1 = 5)
All = r-x or 5 (since 4 + 0 + 1 = 5)

The above equals chmod 755 or chmod u=rwx,go=rx

When you realize the permissions you set on a script are you giving yourself and the group and EVERYONE else permission to do things to your file, it's easy to see why mode 777 is not always a wise idea

Default modes if you upload a file to the server and change nothing:

All Files that are not scripts or directories
644 = -rw-r--r--
User everything everyone else just read.

All directories and anything that "looks like" a script
755 = -rwxr-xr-x
User everything, Group and Other can read and execute

------------------
Unlocking the Power of the Internet!
www.FutureQuest.net

[This message has been edited by Deb (edited 01-26-99).]

Mandi · 01-26-1999, 02:16 PM

This is great, Deb - Thanks! When you have a minute (haha, right?) a tutorial on un-tar funtions using telnet would be super, too.

Stephen · 02-19-1999, 05:40 PM

OK, I feel dumb asking this but I'm not sure what's going on. I've loaded up my cgi programs into subdirectories of /cgi-bin and set the permissions to 755 and tried to run them. They run, by they don't get far. They fall flat on their face at the first directory-associated command. This is a perl opendir. When I try to read the following directory:

www.randommouse.com/cgi-bin/ubb-cgi/members

the server tells me that the directory doesn't exist. I have it set to 0755 (as far as I can tell), so I'm confused. Can anyone tell me what obvious mistake I'm making?

By the way, although I will be running a version of the UBB, it's customized, so the directory named above IS correct.

Any suggestions are appreciated.

[This message has been edited by Stephen (edited 02-19-99).]

Justin · 02-19-1999, 07:11 PM

Try this:

/big/dom/xrandommouse/cgi-bin/ubb-cgi/members

That's the full server path to the directory. Using the URL is not the same, and the server is looking for a directory called /www.randommouse.com/... which doesn't exist.

I recomend putting your member files, etc, underneath the www root so that they are not accessible from the web, eg /big/dom/xrandommouse/members. That's what I did. Otherwise, someone knowing the UBB could possibly hack it. It's not easy to hack, but it can be done. Putting the directory under the www root makes it impossible to access without FTPing in.

But the path thing should fix you up. Anytime it asks for full path, that's what it wants. If it asks for URL path, then use http://www.randommouse.com/blah - always use the http://, too.

Hope this helps

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Stephen · 02-19-1999, 10:10 PM

Justin,

Thanks very much. I see your point. I should be able to muddle my way through from here on. I'm still a little confused, but a little trial and error should sort it all out.

Stephen

hearts · 02-19-1999, 10:32 PM

ahhhh... Stephen.. nothing is really that confusing.. I have learned that I get nervous getting into something I feel I know so little about. Just do like I did.. try it.. get stuck.. ask a few questions along the way.. and everything will turn out ok! *especially with Justin around*

there is one other mistake that I have seen FQ users do ..

in the absolute path in a script.. some people forget this: (I even did when I was working my first script)

when it is NOT your cgi-bin don't forget the "www" portion of your path.

/big/dom/xrandommouse/www/members

and I am sure you know the other important piece #!/usr/bin/perl or #!/usr/local/bin/perl as the first line of all your perl/cgi scripts.

-----

hearts

[This message has been edited by hearts (edited 02-19-99).]

Justin · 02-20-1999, 05:57 AM

Hearts, the above reference to /big/dom/xdomain/members is intentional. That's where mine is. This keeps it inaccessable from the web - it is not part of the www root, it is below it (actually, parallel, like the cgi-bin). It is not set up like that by default, but that's how I recomend running it, especially since the passwords are not encrypted at all.

Quote:

*especially with Justin around*

And I thought all I did was confuse people! Maybe I should try harder...

------------------
Justin Nelson, SFE Inc.
http://www.vdj.net

Del · 02-20-1999, 06:24 AM

Another way to do it is this;

/big/dom/xdomain/cgi-bin/Members

Terra recommended to do it that way, as directory browsing is also totally unavailable if it's in the cgi-bin.

Another thing to do is chmod your Members directory (wherever it may be) to 700 (or drwx------). That way you still have full read/write/exectue access, then noone else in the world does. Since Andrew is running such a wonderfully modified version of suEXEC, your cgi scripts actually execute as you (instead of nobody), so there's zero reason to chmod anything 777 (world writeable).

If you use both of these together, not only is file viewing not permitted inside the cgi-bin, but since it's mode 700, noone could view the thing anyway

I finally broke down and bought the full UBB a couple days ago (Ted has put out two releases already tho...). It's at http://chat.downinit.com/cgi-bin/ubb/Ultimate.cgi if anyone wants to see it (although it's just your standard UBB with Del's colorblind touch).

------------------
Del
www.downinit.com

da da da

hearts · 02-20-1999, 09:25 AM

ummmmmmm .. justin..
if you read.. it SAID if it WEREN'T your CGI bin. Cuz.. when setting up your scripts.. they will need to know the absolute path to the NON cgi-bin as well.. *really* I wasn't trying to redirect anyone's CGI/perl scripts.

oh.. and another thing.. you don't confuse us.. *or should I rephrase that?* (giggle) I find ya to be very helpful and would recommend anyone to email ya for help..

[This message has been edited by hearts (edited 02-20-99).]

Stephen · 02-20-1999, 02:55 PM

Here's an easy question for you types far more knowledgeable than I about running websites under Apache (so far I've done all my cgi programming under Win95--a whole 3 months--and now I'm trying to enter the real world!).

How do I specify an alias for my /cgi-bin directory so that I can type for HTML tags things like href="/cgi-bin/some-dir/some-script" etc, and also type into my browser http://www.randommouse.com/cgi-bin/some-dir/some-script

I thought I might be able to put a script alias into the .htaccess file in my /www directory but that didn't work. At least it didn't work the way I tried to implement it, which was just to put in the line

ScriptAlias /cgi-bin/ /big/dom/xrandommouse/cgi-bin/

Does this line need to be wrapped inside something else? Am I way off the track?

--Hopeless Win95 user (although I have used Unix systems before, just not in a web context).

[This message has been edited by Stephen (edited 02-20-99).]