Can some body translate "read and write" CHMOD into the three figure for me?

What three numbers are exactly a "read and write" permission, so I could apply it to that file?

Thanks

Comments

StevenPatz’s picture

6 would be rw So for all users, 666

Each position is a class of user.

First position is owner, so they would need 4 ( read ) + 2 ( write ) = 6
Second position is group, anyone in that group that would need rw. 4+2= 6
Third position is world, which is everyone else that would need rw. 4+2=6

check out:

http://en.wikipedia.org/wiki/File_system_permissions

for help.

jason342’s picture

Thanks, so I change the CHOMD of the "files" folder to "666"?

jason342’s picture

I just want to check if 666 if defiantly the right Chmod for "read and write"?

Gary Feldman’s picture

Yes, although it's common to make the owner number 7 instead of 6 (i.e. 766), just on the principle that owners should almost always be allowed everything.

I trust you're aware of the security risks involved.

Gary Feldman

jason342’s picture

Gary, I have no idea about security risks that’s why I’m asking such newbie questions.

So you think 766 causes problems, or is 666 better?

Can you just tell me which number you recommend to set the CHMOD to?

schwa’s picture

Hi Jason,

I'm no security expert, but most folks start out chmodding their 'files' directory to 775. You can make it less secure or more secure as you need; Drupal seems to like 775 on 'files' (it loves 777, but that's the least secure setting of all). Hope that helps.

styro’s picture

are irrelevant until you know the user and group ownerships of the files or directories you are talking about.

You need to know who owns the files and how that relates to 'who' the webserver is. Without that knowledge, you won't know which of the 3 digits applies. ie does the webserver use the 'user owner' field (the first digit) or the 'group owner' (the second digit) field or the 'world' field (the third digit).

That depends on how the server is configured.

There are two main ways servers are configured:

1) webserver and webmaster using different accounts (this is the common case)

In this case the files uploaded by you will be owned by your FTP account. Files uploaded through Drupal will be saved to disk by the webserver and owned by the web server account.

When you try to access your own files, your access will be determined by the 'user owner' field. When you try to access the files uploaded through Drupal you access will be determined by the 'world' permissions.

Likewise the web server will use 'world' to access the files you uploaded through FTP, but use 'user owner' to access files it saved to disk (ie Drupal uploads).

2) webserver and webmaster use the same account (eg when using phpsuexec)

In this case both users are governed by the 'user owner' field, and there is no point giving group or world any permissions.

--
Anton
New to Drupal? | Forum posting tips | Troubleshooting FAQ