File and directory permissions for safe CGI setup


#1

What permissions have to be set on a directory to allow files to be listed, but not read?

Is the r bit necessary for listing or is it just for directories?

Is it an r-- or r-x for directories and --x for files?

Pay $20 for Dreamhost registatration with coupon MERIPOL


#2

r(ead) on the file allows someone to view the contents of the file.
r(ead) on the directory allows someone to view a listing of files in the directory
x(ecute) on the directory allows someone to access files or directories in the directory (but they still need read on those files to view them)

Free unique IP and $67 off with promo code [color=#CC0000]FLENSFREEIP67[/color] or use [color=#CC0000]FLENS97[/color] for $97 off. Click here for more options


#3

I use FastCGI and I think I have made the permissions too lax.

For instance if I use PHP will I be able to set all .php files to — for the other user as the suexec running with my permissions will be able to access them?

From what I understand unless the webserver needs to serve up the file directly, such as in a file download the r permission on files is not needed? Is that right?

Pay $20 for Dreamhost registatration with coupon MERIPOL