Showing results for 
Search instead for 
Did you mean: 

Setting permissions in my cgi root directory


Setting permissions in my cgi root directory

I have downloaded and installed phpx. One thing phpx does (which I don't understand why) is to create individual files for each new web page I add, these just call the main index?? Anyway the problem that I have is that I need to set the permissions of my root cgi directory to read/write/execute, but I can't get my head round the whole group, owner bit, so what should I set it to to be safe, but also allow me to run the script properly, also how do I set it?? I can use my ftp prog to set sub directories quite happily, but not this



Setting permissions in my cgi root directory

I assume the directory you're referring to is not the cgi-bin directory, but the one which contains it, your home directory on the CGI server?

To set permissions for your home directory, you could:[list=1]
  • Log on with telnet or ssh (see "csogilvie's" helpful CGI/Shell Server Basics tutorial). This puts you in your home directory.

  • Move up a directory:
    cd ..

  • Use chmod to change the permissions:
    chmod 0707 spectra

    (No "special" permissions set; full read, write and execute for yourself; nothing whatsoever for other Force9 users; read, write and execute for general users including the webserver.)

  • Check the permissions:
    ls -ld spectra

    If you see "drwx---rwx" at the start of the line, then, er... spectrum is green. (Sorry, couldn't resist it Shockedops: )

  • Log off:
    exit[/listShocked]I would recommend you create a new subdirectory under your home directory and install your package in that, so that you do not need to give write access to your home directory (then you could set permissions to 0705 ["drwx---r-x"] rather than the 0707 shown above).
  • N/A

    Setting permissions in my cgi root directory

    Thanks for that, it does make sense!!

    Being a windows user with no Unix/Linux experience, the only thing I am not sure about is the owner, user, group thing - what is the difference between them, I guess I am the owner, but what is group and user??

    Thanks for your help.


    ps we manufacture LED signs hence the name, check us out at Cool

    Setting permissions in my cgi root directory

    Every file or directory has both a user and a group assciated with it. The associated user and group may be viewed by using the ls (list) command with the option for "long" format output -- ie ls-l. For example:

    Sample output from ls-l . Click image for a larger picture

    For each of the objects shown in the listing, there is a user and a group associated with the object. In the picture, the users are the persons shown inside the red box, so for the object called "albert" the user is the user known as "nobody"; for the object called "bertrum", the user is "tutorial". The group associated with the file or directory is shown immediately to the right of its user, so "shellcgi" is the group associated with both "albert" and "bertrum" in the example above.

    If you create a file or directory, then you are its owner. I prefer the term owning-user, or owner-user, because chmod, the program for changing permissions, uses the abbreviation "u" to refer to this person. So, see the terms "user" and "owner" as synonymous (with a preference, in my view anyway, for using the term "user" to make the association with the letter "u").

    The group associated with a file or directory is normally the principal group to which the person who created it belongs, but it is possible to set special permissions which will force the group to be the same group as the group of the directory in which the object resides. The file "albert" in the example above had been created this way.

    As well as the (owner-) user and (owner-) group there's a third class of people which is "everybody else" -- ie anyone and everyone who's not the owner-user and not a member of the owner-group. These are typically referred to as "world" or "other" and chmod uses the abbreviation "o" to refer to these (which is why I prefer not to use "owner" for the user associated with the object).

    So, for any file or directory we have three classes of person: the user (chmod - "u"), the group (chmod "g") and "other" (chmod "o") and each of these has a set of permissions relating to their access entitlement to the file, which in each case may be any mix of read (r), write (w) and execute (x), which are indicated in the order rwx for each class of person.

    The ls -l output shows the permissions applicable to each group of people. This is at the beginning of each line. The very first character denotes the type of object, then there are three sets of three permissions: three characters for the user, three for the group, and three for "other". In the picture, the permissions applicable to the user [in the red box] are shown in the turquoise box. The permissions of the group associated with the object are the next three characters to the right, and "other" users' permissions are shown as the last three characters in that block. If a permission is not granted a "-" normally appears instead of the "r" "w" or "x" character. (There are "special permissions" which complicate this, so you could see characters like "s", "S" "t" and "T", instead of "r", "w", "x" and "-", but in essence, that's it.)

    So, if you access a file, the first check is to see if your effective user-ID matches the user associated with the file. If it does, the permissions relating to the "user" will be applied to you. If you aren't the "user", a check will be done to see if you are a member of the "group" associated with the file, and if you are, the "group" permissions will apply to you. But if you're neither the user nor a member of the group, the permissions for "other" people (the "world") will apply.

    The user and group associated with a file or directory may be changed with the "chown" program and the group may be changed with the chgrp program. As a result of using these someone's relationship to a file may suddenly change from being an "other" to being a "group" member or even the "user" (or vice versa) so their access entitlements may consequently change quite dramatically!

    See "petervaughan's" CGI: UNIX File Permissions for a more detailed explanation.