Article ID: 2375, created on Oct 29, 2007, last review on May 2, 2014

  • Applies to:
  • Pro Control Panel Linux

AdditionalInformation

View Knowledge
Knowledge ID 1132
Product : WEBppliance for Linux
Version : 3.5.18
Topic : FAQ

Title
High security sites can't execute PHP code with write access for "other"

Summary
High security sites can't execute PHP code with write access for "other"

Prevention


Details
Solution:

 Due to new suexec changes, high security sites can not execute php files that have write permissions for other (e.g. o+w); this is a security measure to prevent someone else from injecting code into your php script and then getting it to execute as the site administrator. Check /var/log/httpd/suexec_log for any error messages regarding this problem. You should chmod your PHP scripts so other does not have write access by doing:

chmod o-w file.php

You can also do this recursively in the html folder of the site to all files by doing:

chmod -R o-w .


Attachments


Related Knowledge

Related Links
 
Last ModifiedUsageSatisfiedLast Used
8/20/2004 12:57:02 PM46 10/11/2007 6:13:20 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF