FAQTs - Knowledge Base - View Entry - Security? Python files chmod 705 on FreeBSD so on shared servers other users can read source. Solution? PHP allows chmod 700 on PHP files.

faqts : Computers : Programming : Languages : Python

+ Search

Google Directory: Python, Cheap web hosting,

Entry

Security? Python files chmod 705 on FreeBSD so on shared servers other users can read source. Solution? PHP allows chmod 700 on PHP files.

Dec 1st, 2004 04:39
Nat Tuck, Paul Milling,

I'm assuming that you're taking about Python CGI scripts. The
requirement that the script be readable by the webserver is a general
problem with CGI in a shared server environment. There are various
solutions to the problem.
The most "correct" solution to this issue that I know of is to use the
SuExec module for Apache (or some similar feature in other servers, if
such a thing exists). 
With SuExec, not only can you can set your CGI permissions to 700, the
scripts run as the user who owns them. This solves a bunch of other
security issues as well. 
PHP doesn't have any feature like this as far as I know unless you
downgrade it to "CGI Mode", which seems to miss the point.