Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re: Creating and writing a file to a password protected directory

by belize (Deacon)
on Oct 12, 2002 at 18:17 UTC ( #204795=note: print w/replies, xml ) Need Help??


in reply to Creating and writing a file to a password protected directory

Our mistake. The directory is protect with .htaccess. When we tested the CGI, we kept getting an authorization screen requesting the username and password for the directory. After scratching our heads, we emptied the cache on our browser and tried again, and this time it worked without the authorization screen showing. Not sure why we got the first authorization screen...sorry for the mistake.
  • Comment on Re: Creating and writing a file to a password protected directory

Replies are listed 'Best First'.
(jeffa) 2Re: Creating and writing a file to a password protected directory
by jeffa (Bishop) on Oct 12, 2002 at 18:55 UTC
    Good deal. I recommend that you remove the 777 permissions from that directory and instead chown the directory to what ever user the web server runs as. I assume you are using Apache, correct? Use grep or egrep for 'User' on httpd.conf:
    egrep ^User /path/to/conf/httpd.conf
    
    to find out which user. Then you can chmod the directory to a safer 755.

    jeffa

    L-LL-L--L-LL-L--L-LL-L--
    -R--R-RR-R--R-RR-R--R-RR
    B--B--B--B--B--B--B--B--
    H---H---H---H---H---H---
    (the triplet paradiddle with high-hat)
    

      Depending on the data 755 may also be unsafe. I'm guessing that whatever data is being written must be both private and correct. If you were I then I'd set the minimum possible permissions and ensure that the process doing the writing was either the directory and file owner or at least in the right group. I'd hate for you to write down credit cards or something using that scheme. In general consider this advice incomplete and a guess at best. If you don't already understand unix permissions then you'll have to learn them prior to completing whatever you're doing. Of course there's additional security to be had by using public-key cryptography. Again, you have to know what you're doing to use it sanely (like not putting the private key on the server among others).

      __SIG__ printf "You are here %08x\n", unpack "L!", unpack "P4", pack "L!", B:: +svref_2object(sub{})->OUTSIDE

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://204795]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2019-05-22 12:50 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you enjoy 3D movies?



    Results (140 votes). Check out past polls.

    Notices?
    • (Sep 10, 2018 at 22:53 UTC) Welcome new users!