Re: Write permissions and other rights
On Monday, April 22, 2002, at 10:46 , David Kirol wrote: Thanks Drieux I didn't want to take the time to write what you did, but I' m glad to see it on the list. David (aka sometimeAnotTooBrightNewbie) Caveat Emptor - What Do I Know? All I know is what I have figured out - and as I say, I have the luxury of a whole bunch of safeguards already in place. So I am still trying to get my head around what is really secure... But as the sign said at the main gate at tan sahn nut AFB, Drive safely, the life you save, may be your replacement. So let me pass along two basic and important sea stories. I made the mistake of complaining about the fact that the analysts I was working with didn't know diddly about weapons handling - and brother trone, elder of the tripe took the Ensign down to the beach, poured some beer into the ensign and had one of them thar friendly chats - and we got a new training regimine so at least the chances of the kids shooting us DECREASED. Trone Rotated to other things, and we got a Chief from some Air Dale unit - who thought he was john wayne, and given my inclinations, I did what 'academics' do - i wrote up the 'official training regimine' and detailed the basic tactics and standards and got it BLOWN away by our new chief. So, being the Training Petty Officer - i ran the drill, and john wayne was out in front - he stepped into my booby trap and read the sign that noted he was toast - so I turned to the kids and said: Pieces of the chief just got splattered on the bulk head. You have no radio, you have no Go Codes, what do you do? The sober child would have said, roll to see if we can save against majik? but So folks, I prefer that folks get a chance to make their mistakes where we can say 'poo poo' rather than Taps We all got our Cards on the Table Now? ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Write permissions and other rights
Drieux [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Besides I still feel squishy about the fact that I can run perl modules as 644 - which just seems unNatural to moi The executeable bit is only necessary so your shell will use the first line in the program to hand off the rest of the file contents to the interpreter specified. You can run the program itself at 644 (or 444, or even 400 if you own the file) if you pass the filename as an argument to the perl interpreter. required()d and use()d files need only to be readable so the interpreter can get the contents of the file to compile in with the rest of the program. But this has nothing to do with perl. or cgi. CONUS i figure the basic notion of 'ask enough dumb questions who knows you may learn something.' So cut the cat some slack. Hey Im a newbie too, Ive just been doing this a little longer (probably not even a little longer... just a little better) than most people asking questions in here. I didnt say it was a dumb question. Ive asked myself the same questions also. Note MYSELF. I think the people that reply to posters questions and do nothing more than: perl -e 'require ./posters_problem.pl; print the_sloution();' and say nothing more about how the poster can help theirself next time they run into the same problem does the perl community a big disservice, because the person is going to be back in here asking the same question if there is even the smallest variation in the implementation of the problem they are tackling. Why??? Because they didnt learn anything, they just copied your answer and pasted it into the program. I do my homework, so should everyone else. When I answer a poster's question, I imagine what response would give me the most benefit. Trucking through the days posts and dumping the solutions is not going to teach anyone anything. My proof? perl.beginners and perl.beginners.cgi is a place where its pc to ask frequently asked questions. Over and over. Its too bad I get flamed for suggesting the poster figure it out theirself. It goes to show how many people want the answer as opposed to actually learning how to answer the question. As far as the topic in the subject, it is not a perl issue. When you want to write in a file or execute a program, the permissions you choose have nothing to do with the language you choose or if you are executing code in a CGI environment, so no, the topic is totally irrelevant to the issue. If I am wrong here, how 'bout letting me know in straightforward english. I am not here to play cards. Todd W. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Write permissions and other rights
[snip] As far as the topic in the subject, it is not a perl issue. When you want to write in a file or execute a program, the permissions you choose have nothing to do with the language you choose or if you are executing code in a CGI environment, so no, the topic is totally irrelevant to the issue. If I am wrong here, how 'bout letting me know in straightforward english. I am not here to play cards. Todd W. It seems to me that: 1) this is a beginners list 2) this is a cgi list 3) specifically, this deals with perl Its not like he asked how to forge a sword. The question was relevant to how perl script permissions should be set. This is part of a bigger question which would be appropriate for unix-filesystem-beginners list, but at least it does pertain to the use and function of perl. Note: I haven't read a posting faq for this list recently. And I don't tend to get all medieval about minor variations. OTOH, if it were clearly off topic... Just my take. Tim Doty PS. Hope that was straight forward english, even if I do tend to be careful about delineating it as my opinion. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Write permissions and other rights
--- Todd Wade [EMAIL PROTECTED] wrote: ... anyone anything. My proof? perl.beginners and perl.beginners.cgi is a place where its pc to ask frequently asked questions. Over and over. Is there a FAQ document for this list? I just re-read my list welcome message and didn't see any reference to one. I was on perl.beginners for a while (too much volume) and I *think* they had one. Whichever list it was, the list admin would send out a canned reminder about it every few days, and it was probably mentioned in the welcome message. Granted we'd still get FAQ's on the list, but maybe fewer, and the poster could just be pointed to the FAQ document rather than someone writing out the whole explanation every time. If we are concerned about having just one-sentence answers, which Todd rightly suggests is not really educational, then let's make it have as much explanation as we can, so that people *do* learn from it. Having made the suggestion, I now must take a giant step backwards and plead no time to put such a thing together myself. That and I'm probably still too much of a beginner. At least let's point out that the archives of this list are available online at http://archive.develooper.com/beginners-cgi%40perl.org/, so if you think your question may have been asked and answered before, look through the archives! (Unfortunately, they don't appear to be text searchable, but Google probably indexes them.) There is a complete list of Perl-related lists at http://lists.perl.org/. (Yes, I understand the permissions question was not really a Perl-only question, but it *is* related to CGI, and could have been asked before.) - John __ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Improving the Quality of Our Beginners was Re: Write permissions and other rights
On Tuesday, April 23, 2002, at 05:44 , Todd Wade wrote: Drieux [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Besides I still feel squishy about the fact that I can run perl modules as 644 - which just seems unNatural to moi [..] oh I 'get' the notions of why the 'magic cookie' - now known as 'shebang' to to masses - exist in interpreted languages... and that the 'use/require' structure is merely 'sourcing' in a stack of 'functions/globals' - and my complements for reminding folks why this is the voodoo it is - I just get nervous about it. the program. But this has nothing to do with perl. or cgi. perl modules and the shebang has nothing to do with perl or cgi. { thwack, thwack, thwack. 8-)!!! } CONUS i figure the basic notion of 'ask enough dumb questions who knows you may learn something.' So cut the cat some slack. Hey Im a newbie too, Ive just been doing this a little longer (probably not even a little longer... just a little better) than most people asking questions in here. I didnt say it was a dumb question. Ive asked myself the same questions also. Note MYSELF. patience and persistence I on the other hand can call them 'dumb questions' - I know I ask some of them... and were I 'smart' I should would be able to follow the documentation 'as provided' [..] Because they didnt learn anything, they just copied your answer and pasted it into the program. 'combined arms tactics' - If you step back and watch the normal play, one set of players have their fingers on the 'POD' - and provide the general 'cover' for the rest of us typing fast and furiously. But you do have a good point on the general problem of how to get folks to step aside and think about the problem, do the analysis, step aside for a moment, play a little code on the edge... I have put together some webPages of my own to keep track of where I have learned what - http://www.wetware.com/drieux/CS/lang/Perl/Beginners/ including a section on benchmarking - which helps 'solve' some of the why and wherefore of this or that piece of syntactical sugah I do my homework, so should everyone else. When I answer a poster's question, I imagine what response would give me the most benefit. Trucking through the days posts and dumping the solutions is not going to teach anyone anything. My proof? perl.beginners and perl.beginners.cgi is a place where its pc to ask frequently asked questions. Over and over. once folks really learn about perldoc perl and how to follow that and then how do do their queries at the CPAN, et al, unless they are around it for the general 'help the next guy' they no longer plan to be around *begin* lists. But this is also the place where we can start to help beginners learn to learn effectively - to eschew the follies of the whole 'perl golf' mentality, et al. Its too bad I get flamed for suggesting the poster figure it out theirself. It goes to show how many people want the answer as opposed to actually learning how to answer the question. One round long, one round short - fire again ... I flamed you for missing the obvious. But then again, I have the luxury of having house broken college boys into officers so I have watched the process of gee, shouldn't there be a faq for this in more complex ways. But for some reason they keep minting those 90 day wonders The big laugh of course was the giggle we had when the 'butt of our jokes' were BS - comp sci kids fresh out of college blithely naive. As far as the topic in the subject, it is not a perl issue. When you want to write in a file or execute a program, the permissions you choose have nothing to do with the language you choose or if you are executing code in a CGI environment, so no, the topic is totally irrelevant to the issue. but if my cgi file is up in the $CGIBIN as a 644 file - it will not work If I am wrong here, how 'bout letting me know in straightforward english. I am not here to play cards. relax bid fold or call ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Write permissions and other rights
On Saturday, April 20, 2002, at 07:22 , Octavian Rasnita wrote: much of this depends upon the policy of the people running the core server... If they allow user's to have their own cgi space then that is ok. I have a small test set that i run independent of the main ones - so my limited experience rest more on my testing rather than the site wide. Please tell me how should I set the rights for some files and folders in my web page: 1. The cgi-bin directory. 755 - no one but the player should have write permissions. but if you want anyone to run the cgi code - then they will need to have read and execute permissions on the directory. { correct me if I am totally spaced here... especially I think for interpreted languages like perl. 2. The Perl script files from this directory. 755 - or at least I do. 3. The html directory. 755 - unless you are going to run .htaccess on them - 4. The html files from this directory. 644 - they are not executables. 5. The php files. the php files I have found for us seem to be set in the 'functions' directory to 644 - just like perl modules. but I will defer to any php pro 6. The folder where I want to keep page counters (It should be writable) good question - never tried that yet... 7. The page counter files and other files that should be writable by the web page visitor. never sure that is a good idea... 8. The .htaccess files. 644 - but I also have the protection of knowing that I am using a radius server authentication with a reasonably solid firewall managed by a real JackBootedFascistThug Admin ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Write permissions and other rights
On Sunday, April 21, 2002, at 07:42 , Todd Wade wrote: First of all, this has nothing to do with perl, but given that I wrote my first cgi tested it with perl first.cgi and got the bugs out, ftp'd it up and then LEARNED the hard way that it had to be 755 - we all start out some place, eh no? Besides I still feel squishy about the fact that I can run perl modules as 644 - which just seems unNatural to moi And if your JackBootedFascistThug doesn't allow cgi's to run in 'user directories' - then of course these are not questions worth worrying about But if you are the webJackBootedFascistThugInTraining - then suddenly these are the questions that one smells with the coffee and goes Oh MY GOD! what are the rules of the road. Given the number of Mac Folks cutting over to OSX who all of a sudden can run Apache - they are having the sobriety moment. Given the number of Windows folks who have learned the hardway that some of that IIS stuff should have been controlled - and was merely a portal asking to get scrammed - uh, like being a little paranoid is not a bad thing... I know I'm an FNG - but this ain't my first time being an FNG in something - so since I keep making it back CONUS i figure the basic notion of 'ask enough dumb questions who knows you may learn something.' So cut the cat some slack. ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Write permissions and other rights
Thanks Drieux I didn't want to take the time to write what you did, but I'm glad to see it on the list. David (aka sometimeAnotTooBrightNewbie) -Original Message- From: drieux [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 12:59 AM To: cgi Subject: Re: Write permissions and other rights On Sunday, April 21, 2002, at 07:42 , Todd Wade wrote: First of all, this has nothing to do with perl, but given that I wrote my first cgi tested it with perl first.cgi and got the bugs out, ftp'd it up and then LEARNED the hard way that it had to be 755 - we all start out some place, eh no? Besides I still feel squishy about the fact that I can run perl modules as 644 - which just seems unNatural to moi And if your JackBootedFascistThug doesn't allow cgi's to run in 'user directories' - then of course these are not questions worth worrying about But if you are the webJackBootedFascistThugInTraining - then suddenly these are the questions that one smells with the coffee and goes Oh MY GOD! what are the rules of the road. Given the number of Mac Folks cutting over to OSX who all of a sudden can run Apache - they are having the sobriety moment. Given the number of Windows folks who have learned the hardway that some of that IIS stuff should have been controlled - and was merely a portal asking to get scrammed - uh, like being a little paranoid is not a bad thing... I know I'm an FNG - but this ain't my first time being an FNG in something - so since I keep making it back CONUS i figure the basic notion of 'ask enough dumb questions who knows you may learn something.' So cut the cat some slack. ciao drieux --- -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Write permissions and other rights
Octavian Rasnita [EMAIL PROTECTED] wrote in message 003d01c1e8db$f6df0f60$[EMAIL PROTECTED]">news:003d01c1e8db$f6df0f60$[EMAIL PROTECTED]... Hi all, Please tell me how should I set the rights for some files and folders in my web page: First of all, this has nothing to do with perl, but I really think you should learn for yourself how the unix permission system works instead of simply asking for someone you dont even know to tell you what to set them to. If I said make all your directories and cgi programs 777 and all your text files 666 you would do it, and then your files would be sitting ducks for attack. A better thing for you to do would be to study the permission system then if/when you have a question, contact the proper newsgroup and say, If I set the permissons of abc.txt to XXX, does that mean that a, b, and c could happen? trwww -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Write permissions and other rights
Hi all, Please tell me how should I set the rights for some files and folders in my web page: 1. The cgi-bin directory. 2. The Perl script files from this directory. 3. The html directory. 4. The html files from this directory. 5. The php files. 6. The folder where I want to keep page counters (It should be writable) 7. The page counter files and other files that should be writable by the web page visitor. 8. The .htaccess files. You can give me only the number for each one (like 755). Thank you very much. Teddy, [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]