Re: Re: Re: CGI Script Created Files Playing Nicely

I have my 2c to put in too... If the folder has perms of 777 AND is executable by Apache (or whatever webserver for that matter) such as a text file in a cgi-bin for example you can have a major problem crop up. If executable folder has world-writeable files or the folder itself is world-writeable you can have yourself a major security violation.

no no no no non nononononnoononnononono

naw. the files are not in the cgi dir, they're just in a directory other than under the public_html directory, I see your point though, that would be clearly shooting yourself in the foot. I generally don't like the idea of having the dir at 777. the server i use runs SuEXEC, so the dir is set to something like 755, and my files are created with 0660, so i have less worries :)

An SQl based solution would be nice, but that would hurt portability quite a bit for this project and add complexity I don't, well want :)

-justin simoni
!skazat!

Comment on Re: Re: Re: CGI Script Created Files Playing Nicely

Replies are listed 'Best First'.
Re: Re: Re: Re: CGI Script Created Files Playing Nicely by feloniousMonk (Pilgrim) on Apr 27, 2001 at 17:12 UTC
-- Portability - if you do lock into a database do you need to maybe switch DB platforms at a later time? If so, and you still want a database (I know, more complexity, but may be worth it in the long run. Not as bad as one may think, believe it or not) do you know about the Perl DBI? It's a database interface with DBD's (Database Driver) for just about any database you may come up against. Also has ODBC drivers, if you want that functionality. If you want an almost-database check out Data::Dumper or Freeze Thaw. Maybe not the best soltuiotn for you but may be worth a look. Hope I've helped, felonious	[reply]

Replies are listed 'Best First'.

Re: Re: Re: Re: CGI Script Created Files Playing Nicely
by feloniousMonk (Pilgrim) on Apr 27, 2001 at 17:12 UTC

[reply]