TLUG Mailing List

Mailing List Archive

tlug.jp Mailing List tlug archive tlug Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Appropriate permissions for cron job PHP script

Date: Wed, 10 Mar 2010 10:34:19 +0900

From: Sach Jobb <sach@example.com>

Subject: Re: [tlug] Appropriate permissions for cron job PHP script

References: <20100306190849.afoikb1vwoos04ws@example.com>
Hi Dave,

> I realized this morning that it if someone knew the exact URL, they
> could activate it and if they hammered it enough, I suppose they could
> cause some slow down on the site.

Why not move the php script out of the web tree? That way it won't be
possible to be activated by a random visitor.

> I was wondering what the appropriate permission setting would be to
> make it so that it can only be activated by the local system, not by
> visitors to the site.

Assuming that the user activating the cron is root, you could simply
'chown root:root myScript.php; chmod 600 myScript.php' that should
make it so that only root as the read/write rights and no one
(including the webserver) can do anything else.... assuming your
webserver is not running as root, which is highly unlikely.

Cheers,
Sach
Follow-Ups:

Re: [tlug] Appropriate permissions for cron job PHP script [SOLVED]
From: Dave M G

References:

[tlug] Appropriate permissions for cron job PHP script
From: dave

Prev by Date: [tlug] Appropriate permissions for cron job PHP script

Next by Date: Re: [tlug] Blocking unknown and unclear bots

Previous by thread: [tlug] Appropriate permissions for cron job PHP script

Next by thread: Re: [tlug] Appropriate permissions for cron job PHP script [SOLVED]

Index(es):

Date

Thread

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links