File Permissions

Forum Moderators: coopster & phranque

Message Too Old, No Replies

File Permissions

Changing them

adni18

11:58 am on Sep 24, 2004 (gmt 0)

I need a secure file to only be accessed by certain people. Is there a way I can change a file with the permissions of 700 to 755, read it, then change them back to 700 withing a perl script?

moltar

2:26 pm on Sep 24, 2004 (gmt 0)

What you are saying does not make much sense from security point of view.

If you can change permission, then anyone else would be able to, right? If only the owner of the script can change the permission, then you might as well keep it at 0600 all the time :).

crashomon

3:35 pm on Sep 24, 2004 (gmt 0)

why not just have the file in a password protected directory?

But if you insist on this, then how about having a "Close File" button at the bottom of the webpage that would trigger the chmod process on this file?

Just a thought . . .

Patrick Elward
(a perl beginner)

adni18

8:41 pm on Sep 24, 2004 (gmt 0)

The 'close file' button wouldn't work, because what if their power went out, or they closed the window? I'm not sure how to do password directories. How about like this:

prot.jpg is set to NO ACCESS
The user signs in.
The user clicks on a link to open bat.cgi
bat.cgi wants to show prot.jpg
bat.cgi changes the permissions of prot.jpg to 777
bat.cgi executes "print: '<img src=prot.jpg>'"
bat.cgi changes the permissions back to 700

moltar

11:36 pm on Sep 24, 2004 (gmt 0)

If it's only one image, then you could read it with perl script and show it only if user is signed in. Even if it's a few images, on a not so loaded website would be allright.

something like this would show the image to the screen:

[perl]
open(IMG, "< img.jpg") or die "cannot open img.jpg";
binmode(IMG); # for win32 machines
print "Content-type: image/jpeg\n\n";
while (<IMG>) { print; }
close(IMG);
[/perl]

adni18

2:21 am on Sep 25, 2004 (gmt 0)

yeah but i need to make it secure so someone cant just look at the pic. It's a member's only gallery, see.

moltar

10:35 pm on Sep 25, 2004 (gmt 0)

As I said, before you output the picture, make sure the user is loged in...

adni18

2:47 am on Sep 26, 2004 (gmt 0)

but couldn't one just enter the url in the address bar?

timster

3:15 pm on Sep 27, 2004 (gmt 0)

but couldn't one just enter the url in the address bar?

You'll want to put your files outside of your Web directory, where Perl can read them and hand them out dynamically.

Here's an example of this (hope this URL is legal):
[hk8.org ]

I'd suggest reading up on the security fundamentals here for your Web server and platform, to make sure your site isn't easy to hack.