SnippetMaster Support Forums
Return to main website
 
December 15, 2017, 11:10:53 PM
* Show unread posts since last visit.
* Show new replies to your posts.
Welcome, Guest. Please login or register.
Did you miss your activation email?
December 15, 2017, 11:10:53 PM

Login with username, password and session length
Search:  
Advanced search
* Home Help Search Login Register
SnippetMaster Support Forums  |  General  |  General Discussion & Support  |  Topic: Security question « previous next »
Pages: [1] Print
Author Topic: Security question  (Read 3152 times)
kezing

Posts: 2


[-] Security question
« on: September 10, 2002, 01:08:45 PM »

I have a working snippetmaster at  my site. I changes permission for all nercassary files so everything works fine.
Since I dont like open up all files e.g the ones I have adjusted for snippetmaster, for user "nobody" = others, I have tried to followin aproach.

In the file/files I want to use snippetmaster, I have removed all code/text between snippet-tags and put them in a separate file. In the original file I instead use the include statement.
I tried this and it works fine.
My intention was to put all "include-files" in a seperate directory which I then give the appropiate permission and leaving the rest of my files/site with limited rights.
But have I really gained any more security this way?
Report to moderator   Logged
admin
Forum Administrator
*
Posts: 3169

SnippetMaster Author


WWW
[-] Security question
« Reply #1 on: September 10, 2002, 05:18:29 PM »

What you have done is the "method 2" for SnippetMaster installation: http://www.snippetmaster.com/install.html

I wouldn't say it's any more secure, except that the only thing public is the actual code snippets, instead of the whole page.

Unfortunately, there's absolutely no way to have a script access your user files unless:

1. The script is running as your user.  (Your web host may be able to make this work using something called "suexec".)

2. The file has read/write permissions for whatever user is running the scripts for your website.  Typically, this is a user called "nobody" or "web".. and is part of the "public" group.  This is why you have to give permissions of 777.

Hope that helps to at least explain what is going on..

Cheers!
Report to moderator   Logged
adamcole

Posts: 2


[-] Re: Security question
« Reply #2 on: November 27, 2017, 02:23:25 AM »

You can do it by requesting the permission for your user account or you already have permission to access that script file. I have done several scripting changes for my assignment help website and i got approval from the server from day one.
Report to moderator   Logged
adamcole

Posts: 2


[-] Re: Security question
« Reply #3 on: November 27, 2017, 02:24:19 AM »

testing
Report to moderator   Logged
Pages: [1] Print 
SnippetMaster Support Forums  |  General  |  General Discussion & Support  |  Topic: Security question « previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!