writing a file on my web site
Steve Holden
sholden at holdenweb.com
Sun Dec 17 14:07:41 EST 2000
Danger, danger, Will Robinson! See below...
ron jeffries <ronjeffries at acm.org> wrote in message
news:6BBCEDE25C4DD0D8.067F4BB38B52531A.4846B6E09FEA5EB2 at lp.airnews.net...
> On Sun, 17 Dec 2000 08:12:58 -0500, "Satheesh Babu" <vsbabu at erols.com>
> wrote:
>
> >With FTP tools, you probably have write permissions. But
> >others might not have write permissions to that file. You'll
> >need that so that web server process has permissions to
> >write to it.
> >
> >chmod 666 should do it. Security alert - change the mode
> >only to your roncount.txt
>
> Thanks, I'll ask my ISP to change it. I don't seem to be able to do it
> from here ...
It is VERY UNSAFE to allow the cgi-bin directory to be writable by the web
server. Probably the reason you cannot currently do it is because your web
service provider has set your server process to run with the identity of a
user with ownership of few resources and limited read abilities.
Imagine if you allow your web processes to write in cgi-bin. In theory,
anyone who can get a file installed in that directory can put code in your
web which they can run at will. Not terribly safe...
Try finding some other way to achieve what you want.
regards
Steve
More information about the Python-list
mailing list