I've been causing some (security) concerns for myself by thoughtlessly using the dreaded 777 permissions for upload directories to allow the various PHP-based websites that I host at nearlyfreespeech.net to write files there. What this drastic anti-security measure didn't allow me to do is manage these uploaded files through SSH (and SCP/Rsync). In the chroot jail which I'm allowed to enter through SSH, I am ‘me’, while the files created from PHP end up being owned by user ‘web’. However, for some reason these files didn't get owned by group ‘web’, of which the ‘me’ user is a member. Also, I got into trouble with new directories that were being created by the upload scripts.
By Rowan Rodrik, 4 months ago, on February 08, 2013, at 17:02
A year ago, my web host thoroughly explained how PHP include vulnerabilities can be exploited, hoping that better user education would leave fewer member sites vulnerable to automated attacks by spammer scum.
By Rowan Rodrik, 3 years ago, on November 14, 2010, at 19:11
From its inception, this blog has run on NearlyFreeSpeech.Net's FreeBSD web hosting service. Because of very clever resource sharing (when not serving visitors, a site hardly takes up resources), their pricing has always been very competitive. That, combined with their technical flexibility, support and transparency, has made me more of a fan with every year that I've used their service. Still, sometimes I've been wanting to use something other than CGI (they support many, many programming languages for CGI – even C/C++) or mod_php, like Rails or Django or mod_perl.
By Rowan Rodrik, 3 years ago, on November 14, 2010, at 18:11