Unix / CGI Script Permissions Guide
In order for a CGI script to work, the permissions on the
script must be set to allow the script to do what it needs to do. For example, a CGI
script must always be set to allow execute access (running of the script); for scripts
that need to update files, permissions must be set to allow write access to those files.
It's not that complicated once you have installed a few CGI
scripts; however, there are different ways to say the same thing when it comes to
permissions. This page is meant to provide an overview of the various types of
permissions, how they are written and how to set them.
The information provided in this document assumes
that you have some experience with CGI scripts and understand basic
file permissions.
Default Permissions: Files
When you create a file on the web server or upload a file
to the server using FTP, a set of default permissions is assigned to the new file. These
permissions would look something like this:
-rw-r--r-- index.html
These permissions allow:
- the owner (you) to read and write the file (indicated by rw-)
- the group (other users on the server in the same group as
you) to read (indicated by r--)
- the world (everyone on the server, including the web server)
to read (indicated by r--)
The leading character differentiates between
files and directories (with a -
indicating a file and a d indicating a directory).
These default permissions can also be written using a
numeric mask, where the numbers indicate the permissions settings. The numeric mask for
these default settings would be "644" (sometimes also written as
"0644", "chmod 0644" or "chmod 644"). The numeric mask is
mentioned since it is often the notation used in CGI script help files. It's good to be
able to convert that to a permission you understand and know how to set.
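To make the conversion between the two notations concrete, here is an added example in POSIX sh (it is not part of the original guide): sym_to_octal turns the nine-character string shown by ls -l into the three-digit mask that chmod accepts, and octal_to_sym goes the other way. Both function names are my own, and only the owner/group/world bits are handled; the setuid, setgid and sticky bits are ignored.

```shell
#!/bin/sh
# Added example, not from the original guide: convert between the symbolic
# permission string printed by "ls -l" and the numeric mask used by chmod.
# Function names (sym_to_octal, octal_to_sym) are my own. Only the nine
# owner/group/world bits are handled; setuid/setgid/sticky are not rendered.

# sym_to_octal: "rw-r--r--" or "-rw-r--r--" (with the file-type character) -> "644"
sym_to_octal() {
    s=$1
    case ${#s} in
        10) s=${s#?} ;;                       # drop the leading - or d
        9)  ;;
        *)  echo "sym_to_octal: expected 9 or 10 characters, got '$1'" >&2; return 1 ;;
    esac
    result=""
    i=0
    while [ "$i" -lt 3 ]; do
        # Take the owner, group and world triplets in turn: chars 1-3, 4-6, 7-9.
        triplet=$(printf '%s\n' "$s" | cut -c "$((i * 3 + 1))-$((i * 3 + 3))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac       # read    = 4
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac       # write   = 2
        case $triplet in ??[xst]) digit=$((digit + 1)) ;; esac   # execute = 1 (s/t imply x)
        result="$result$digit"
        i=$((i + 1))
    done
    printf '%s\n' "$result"
}

# octal_to_sym: "644" or "0644" -> "rw-r--r--"
octal_to_sym() {
    m=$1
    case $m in
        [0-7][0-7][0-7])      ;;
        [0-7][0-7][0-7][0-7]) m=${m#?} ;;    # ignore the leading digit (0 or special bits)
        *) echo "octal_to_sym: expected 3 or 4 octal digits, got '$1'" >&2; return 1 ;;
    esac
    out=""
    i=1
    while [ "$i" -le 3 ]; do
        d=$(printf '%s\n' "$m" | cut -c "$i")
        if [ $((d & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $((d & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $((d & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
        i=$((i + 1))
    done
    printf '%s\n' "$out"
}

# Round trip on a scratch file so the output of ls -l can be compared with
# the mask that produced it.
scratch=$(mktemp) || exit 1
chmod 644 "$scratch"
echo "default:     $(ls -ld "$scratch" | cut -c 1-10)"
echo "as a mask:   $(sym_to_octal "$(ls -ld "$scratch" | cut -c 1-10)")"
chmod "$(sym_to_octal rwxr-xr-x)" "$scratch"   # same as: chmod 755 "$scratch"
echo "after chmod: $(ls -ld "$scratch" | cut -c 1-10) = $(octal_to_sym 0755)"
rm -f "$scratch"
```

Passing the converted value straight to chmod, as the last lines do, is the everyday use: when a script's README says "chmod 755" you can check what ls -l should show afterwards, and when ls -l shows something unexpected you can read off the mask to set.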
Default Permissions: Directories
When you create a directory, the default permissions are
something like this:
drwxr-xr-x public_html
These permissions allow:
- the owner to read, write and execute the directory
(indicated by rwx)
- the group to read and execute the directory (indicated by r-x)
- the world to read and execute the
directory (indicated by r-x)
Execute permissions are needed for directories so that you
can access the directory. It does not mean that the directory will be executed (it is not
a program) but rather allows the user to enter the directory and read the file listing.
The numeric mask for these default settings would be
0755.
Setting Execute Permissions: Files
When a file is a CGI script, execute permissions need to be
set in order to allow the script to execute (run). The proper permissions are something
like this:
-rwxr-xr-x script.cgi
These permissions allow:
- the owner to read, write and execute the script
(indicated by rwx)
- the group to read and execute (indicated by r-x)
- the world to read and execute (indicated by r-x)
The numeric mask for these permission settings would be
0755.
Setting Write Permissions: Files
When a CGI script needs to update a file, the permissions
need to be set in order to allow the script to read and write the file. The proper
permissions are something like this:
-rw-rw-rw- file.html
These permissions allow:
- the owner to read and write the file (indicated by rw-),
- the group to read and write (indicated by rw-)
- the world to read and write (indicated by rw-).
The numeric mask for these permission settings would be
0666.
You should NEVER set a CGI script to 0666. This
would mean that anyone could edit the script and add whatever commands they wanted to the
program. That is a significant security risk.
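The two mistakes this section and the previous one describe, a script that cannot execute and a script that group or world can write to, are easy to check for. The following audit is an added example and not part of the guide: it reads each .cgi file's mode from ls -ld (so it works on GNU and BSD systems alike, with no stat flags to remember) and classifies it. The function names are my own, and the check looks only at the owner/group/world bits.

```shell
#!/bin/sh
# Added example, not from the original guide: audit the .cgi files in a
# directory for scripts that are not executable or that are writable by
# group or world (the 0666 mistake the guide warns about).
# Function names (mode_of, classify_mode, audit_cgi_dir) are my own.

# mode_of PATH: print the nine-character permission field, e.g. rwxr-xr-x
mode_of() {
    ls -ld "$1" | cut -c 2-10
}

# classify_mode MODE: print one of
#   world-writable   anyone on the server can edit the script
#   group-writable   every member of your group can edit the script
#   not-executable   the web server cannot run it
#   ok               executable by the owner, writable by nobody else
classify_mode() {
    m=$1
    case $m in
        ?????????) ;;
        *) echo "classify_mode: expected 9 characters, got '$1'" >&2; return 1 ;;
    esac
    case $m in
        ???????w?) echo world-writable; return 0 ;;   # 8th character = world write
    esac
    case $m in
        ????w????) echo group-writable; return 0 ;;   # 5th character = group write
    esac
    case $m in
        ??[xs]??????) echo ok ;;                       # 3rd character = owner execute
        *) echo not-executable ;;
    esac
}

# audit_cgi_dir DIR: print one line per .cgi file, then a findings count;
# exit status is non-zero when anything other than "ok" was found.
audit_cgi_dir() {
    dir=$1
    findings=0
    for f in "$dir"/*.cgi; do
        [ -e "$f" ] || continue              # no matches: the glob stays literal
        m=$(mode_of "$f") || return 1
        verdict=$(classify_mode "$m") || return 1
        printf '%s  %-15s %s\n' "$m" "$verdict" "$f"
        [ "$verdict" = ok ] || findings=$((findings + 1))
    done
    printf 'findings: %d\n' "$findings"
    [ "$findings" -eq 0 ]
}

# Usage on a constructed cgi-bin directory; the real call would be
# audit_cgi_dir "$HOME/public_html/cgi-bin".
demo_dir=$(mktemp -d) || exit 1
: > "$demo_dir/good.cgi";  chmod 755 "$demo_dir/good.cgi"
: > "$demo_dir/open.cgi";  chmod 666 "$demo_dir/open.cgi"
audit_cgi_dir "$demo_dir" || echo "fix the scripts listed above with chmod 755"
rm -rf "$demo_dir"
```

The order of the checks matters: a world-writable script is reported as such even when it is also executable, because the write bit is the finding that needs fixing first.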
Setting Write Permissions: Directories
When a CGI script needs to update a directory
(for example, to create a new file in it), the permissions need to be set to allow
everyone to read, write and execute the directory. The proper permissions
are something like this:
drwxrwxrwx directory
These permissions allow:
- the owner to read, write and execute the directory
(indicated by rwx)
- the group to read, write and execute the directory
(indicated by rwx)
- the world to read, write and execute the directory
(indicated by rwx)
Remember, directory permissions need to be set to execute
in order to access the directory.
The numeric mask for these permission settings would be
0777.
Just because you can write to a directory does not mean
that you can write to all files in a directory. For directories, write permissions mean
that you can create new files, but they do not mean that you can update existing files.
Existing files can only be updated if the permissions on those files are set to allow
writing.
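The distinction between writing to a directory and writing to a file inside it is easy to get wrong, so here is an added example (not part of the guide) in POSIX sh that answers the two questions from the mode strings alone: can a given class of user create a new file in a directory, and can that user update an existing file in it. Relative to your account the web server is normally in the "world" class, which is the case the guide's 0777 and 0666 settings are about. The function names are my own, and the model is the plain owner/group/world bits only: it does not account for root, ACLs, or the fact that a file's owner can always change its mode.

```shell
#!/bin/sh
# Added example, not from the original guide: decide from the nine-character
# mode strings whether a user class can create a file in a directory and
# whether it can update an existing file there. Function names are my own.
# Simplified model: owner/group/world bits only; root, ACLs and the owner's
# ability to chmod are ignored.

# triplet_for MODE WHO: print the rwx triplet that applies to owner, group or world
triplet_for() {
    mode=$1; who=$2
    case $who in
        owner) printf '%s\n' "$mode" | cut -c 1-3 ;;
        group) printf '%s\n' "$mode" | cut -c 4-6 ;;
        world) printf '%s\n' "$mode" | cut -c 7-9 ;;
        *) echo "triplet_for: who must be owner, group or world" >&2; return 1 ;;
    esac
}

# can_create_in_dir DIRMODE WHO: creating (or removing, or renaming) an entry
# needs both write and execute (search) permission on the directory itself.
can_create_in_dir() {
    t=$(triplet_for "$1" "$2") || return 1
    case $t in
        ?w[xst]) echo yes ;;
        *)       echo no ;;
    esac
}

# can_update_file DIRMODE FILEMODE WHO: changing an existing file's contents
# needs execute (search) on the directory to reach the file, and write on the
# file. Write permission on the directory plays no part.
can_update_file() {
    d=$(triplet_for "$1" "$3") || return 1
    f=$(triplet_for "$2" "$3") || return 1
    case $d in
        ??[xst]) ;;
        *) echo no; return 0 ;;      # cannot even reach the file
    esac
    case $f in
        ?w?) echo yes ;;
        *)   echo no ;;
    esac
}

# The guide's own situation: a 0777 directory holding files of different modes,
# viewed as the web server, i.e. as "world".
echo "create a new file in drwxrwxrwx as world:          $(can_create_in_dir rwxrwxrwx world)"
echo "update a -rw-r--r-- file in that directory as world: $(can_update_file rwxrwxrwx rw-r--r-- world)"
echo "update a -rw-rw-rw- file in that directory as world: $(can_update_file rwxrwxrwx rw-rw-rw- world)"
echo "create a new file in drwxr-xr-x as world:          $(can_create_in_dir rwxr-xr-x world)"
```

The second and third lines of output are the point of this section: the 0777 directory lets the script create new files, but an existing 0644 file in it stays read-only to the script until that file itself is set to 0666.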
Summary
This table summarizes the information presented above:
File Type          | In Plain English                                                                      | Listing (ls -l) | Numeric Mask
-------------------|---------------------------------------------------------------------------------------|-----------------|-------------
File: Default      | owner: read, write; group: read; world: read                                          | -rw-r--r--      | 0644 or 644
Directory: Default | owner: read, write, execute; group: read, execute; world: read, execute               | drwxr-xr-x      | 0755 or 755
CGI Scripts        | owner: read, write, execute; group: read, execute; world: read, execute               | -rwxr-xr-x      | 0755 or 755
File: Write        | owner: read, write; group: read, write; world: read, write                            | -rw-rw-rw-      | 0666 or 666
Directory: Write   | owner: read, write, execute; group: read, write, execute; world: read, write, execute | drwxrwxrwx      | 0777 or 777