<snip> > php /home/pablo/cmsutil/CMS_monitor.php > > and the permissions on CMS_monitor.php are as follows: > > -rw-rw-r-- 1 pablo pablo 3636 Feb 21 00:48 CMS_monitor.php > > My question is under these permissions could someone else with an > account on this server execute this file? I'm pretty sure they couldn't > but my knowledge of Linux isn't yet as extensive as I would like it to > be so I can't say for sure.
If the script can be read (the "r" permission) it can be run through the php cli like you are doing in cron. If the cron command you have is running under your username, and the script does not need to be viewable by the web server, you can set the permissions to 600, which would be -rw-------. This will allow you as the user to read (as well as execute through php) and write to the file and not let anyone else (besides root of course) to do anything with it. Technically, if an executable can be read it can be executed. If it's a binary it can be copied by a user and the copy can be run, if it's a script it can be passed to an interpreter and run. </snip> Thanks for the replies. Very helpful. The crontab running is my own so if I change the permission on the file as Adam mentions above I'll be fine (please let me know if this is not the case!). Thanks again. Pablo. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
