Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

script security: permissions

Status
Not open for further replies.
DPisarev

DPisarev

Programmer
Dec 12, 2002
29
CA
Hi,

I have a newbie question, for which I nonetheless could not find a reasonable answer on Google no matter how long I searched.

It's stated everywhere that a script's permission must be 755 for it to work. While I understand the need to give everyone the permission to *execute* a script, I don't see why anyone but the script's owner should have *read* access to it. If you let someone see the logic of your script, aren't you compromising your system? The same goes for *write* permissions for database files: as soon as someone finds out these files exist, won't they be able to tamper with them given that these files are world-writable?

Sorry if my questions sound primitive, but nonetheless I still couldn't find a straight answer to them anywhere on the web...

Thanks in advance,
Dmitri.
 
Sort by date Sort by votes
all interpreted scripts like shell, perl and so on
have to be readable and executable by the user using
it, for awk -f cmdfile the last must be readable.
they don't need to be writeable, as long you don't
make changes in it.
so: chmod 555 filename. -----------
when they don't ask you anymore, where they are come from, and they don't tell you anymore, where they go ... you'r getting older !
 
Upvote 0 Downvote
Many thanks, jamisar. You're right, a script does need to be readable to be executable, I just verified that.

But one probably still doesn't want the code of one's web scripts to be ever *read* by the world, right? Are there ways to make sure the logic of one's script is never seen by outsiders, even though the script is technically readable?

Also, since files that scripts write to ("database" files) have to be writeable, isn't there a chance a malicious hacker may also be able to modify such a "database" file directly?

Thanks again,
Dmitri.
 
Upvote 0 Downvote
Unless you're running it as root. If you're running as root it just needs to be excecutable. (tested on SunOs 5.8) Mike

"Experience is the comb that Nature gives us, after we are bald."

Is that a haiku?
I never could get the hang
of writing those things.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

eslie
  • Locked
  • Question
Perl script behavior makes no sense!!!
Replies
0
Views
385
eslie
eslie
Anurag Sinha
  • Locked
  • Question
calling perl script on click of the button
Replies
0
Views
336
Anurag Sinha
Anurag Sinha
pendle666
  • Locked
  • Question
Update Perl Script to latest version of Perl
Replies
1
Views
404
feherke
feherke
whn
  • Locked
  • Question
A very simple script does not work 1
Replies
4
Views
345
whn
whn
esystems
  • Locked
  • Question
Perl script error "500 SSL negotiation failed"
Replies
0
Views
355
esystems
esystems

Part and Inventory Search

Sponsor

Back
Top