Shells

[0perator]

how do i chmod my stuff so only apache and i can read and write them??

 

i have been playing round and i can install a shell and delete stuff from my dir please help

 

thanks.

[trq]

You need to make the files owned by the same user:group as apache. You can find out who this is by greping you httpd.conf file.

 

grep User /etc/httpd.conf

 

Once you know that information (I'll use www-data as an example)......

 

chown www-data:www-data /path/to/file
chmod 600 /path/to/file

[0perator]

ah yes, but the files are in my home directory and i need to be able to write to them with apache for my cms...

[trq]

ah yes, but the files are in my home directory and i need to be able to write to them with apache for my cms...

 

So what is your question again?

 

There is no need (and in fact it is unsafe) to make the apache process able to write to most files within a php application.

[0perator]

the black and white of it is:

 

i dont want people to change my stuff, or even be able to see it cos i have passwords for mysql in the database file.