|
Since we utilize suPHP you should not have any php scripts with permissions set to 666 or 777. Using these permissions can result in a 500 Internal Server Error.
To explain why suPHP requires these changes to the file permissions read below. Please note that suPHP runs scripts with the permissions of their owners.
Regular PHP executes scripts under the permissions of the system user running the web server (usually as the user: nobody). This means that your script runs with different permissions than your own user account and makes it very hard to use a PHP script to modify and create files without giving everyone on the server access to your files, which is why permissions of 777 and 666 are used so frequently.
Since suPHP makes your PHP scripts run with the same permissions as your regular user account, you do not need group or world write access or execute access for files and suPHP will even prevent files from running that are group or world writable or executable as a security precaution.
The only persmissions ever needed for scripts in an suPHP environment are 644 or 755 and files/folders will still be accessible and fully writable by the webserver processes.
The permissions of 666 equate to the following:
User Group World
4 4 4 (read)
2 2 2 (write)
0 0 0 (execute)
This makes group and world able to write to the file.
This is quite a security risk!
The permissions of 777 equate to the following:
User Group World
4 4 4 (read)
2 2 2 (write)
1 1 1 (execute)
This makes group and world able to write and execute the file.
This is an even larger security risk than 666 permissions!
Basically, suPHP is made to be much more secure.
It prevents scripts from running with permissions of 666 or 777, and also prevents group or world from maliciously writing to the files and hacking your scripts.
In order to ensure your scripts work...
Anytime you have installation instructions requesting that you set permissions of 666 or 777 on any files or folders, you should instead change them to 644 or 755.
| 
