•Re: Re: •Re: Beginner CGI programming, authentication

Nothing should ever be "777".

It's true that the userid of the webserver needs to be able to read and write the message file, but there are (at least) two ways to accomplish that:

Use the chown command to make the file owned by that user.
chmod the file to 666 (not 777)

You never want to have a world writable file also be an executable. That's just begging for someone to come along and put random content into it and then executing that.

-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.

Comment on •Re: Re: •Re: Beginner CGI programming, authentication

Replies are listed 'Best First'.
Re: •Re: Re: •Re: Beginner CGI programming, authentication by mkahn (Beadle) on May 16, 2003 at 11:27 UTC
Good point. My client's server writes to the text file with a 6-- code, while my test server requires --6 permissions.	[reply]