Solved

Permissions

Posted on 2004-04-19
15
219 Views
Last Modified: 2010-04-20
Hi Experts,

I have some javascript files in /scripts directory and need to set permissions so that only webserver can read and execute them

Thank you.
0
Comment
Question by:fpoyavo
15 Comments
 

Expert Comment

by:zberke
ID: 10865250
chown -R apache.apache /scripts

or replace apache.apache with nobody.nogroup -- or www.www

depends on what user your web server runs as.

if you're running apache, look for the line in httpd.conf that looks like this:
User apache
Group apache

If it says the above, use "apache.apache"
If it says

User nobody
Group nogroup

then use nobody.nogroup...

etc.

Clear?
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10866673
then alter the perms of the files to
chmod 750 -R /scripts
Then just the apache.apache with nobody.nogroup -- or www.www
will be able to use them.

/Rob
0
 
LVL 3

Expert Comment

by:tolgadalkilic
ID: 10868215
chown -R username directory (use the user that is specified in the httpd.conf file, directory is the /scripts directory)
chmod 700 -R directory
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10870771
Still can download  scripts just typing path in browser ...What's next ?
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10870791
Should I login as user or root to make it work ?
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10870818
I ried both no luck :(
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10876396
You hve to make settings in the server not to download from that dir.
 <Directory "/script">
        AllowOverride None
        Options ExecCGI
        Order allow,deny
        Allow from all
  </Directory>
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 1

Author Comment

by:fpoyavo
ID: 10882538
da99rmd,

I have added it to httpd.conf as:

<Directory "/opt/myapp/tomcat/webapps/mydir/script">
        AllowOverride None
        Options ExecCGI
        Order allow,deny
        Allow from all
  </Directory>

Restarted server and No Luck. I still can download them :(.

Thank you.
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10886260
with run you mean run not download ?

Try puting just x on user and group on the scripts

/Rob

0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10892088
da99rmd,

Yep. You mean to assign execute only ?

Thank you.
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10959728
Can anybody help ?
0
 
LVL 8

Expert Comment

by:da99rmd
ID: 10975448
chmod 111 (the file)
/Rob
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 10978654
da99rmd,

The problem is that 111 actualy blocks from read access by application. Javascript has to be read
and then executed.

I doubt that there is any solution to it.

Anybody would argue ? :)

tHANK TO ALL. I am really confused ...why there is no way to make Javascript to be accesable by
web app only.
0
 
LVL 8

Accepted Solution

by:
da99rmd earned 500 total points
ID: 10984198
When you have this on the dir
<Directory "/opt/myapp/tomcat/webapps/mydir/script">
        AllowOverride None
        Options ExecCGI
        Order allow,deny
        Allow from all
  </Directory>

The server will not allow donload not on my server any way just running.

/Rob
0
 
LVL 1

Author Comment

by:fpoyavo
ID: 11068376
da99rmd

It is not true for Javascript.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

In this tutorial I will explain how to make squid prevent malwares in five easy steps: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-…
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now