More about cgi permissions and cgi scripts

When Technical Support starts looking at a script that is not working, the first thing checked is the permissions on the file. Understanding how permissions work can save you a lot of time in debugging your scripts.

When a script is accessed through the World Wide Web, it is normally run as a special user called 'nobody'. 'Nobody' has no rights to anyone's files and no one can login to the system as 'nobody'. (Who's on first??? )

If your script need's to write to a file on the system, you must set special permissions to that file or directory. Any script that keeps a log (such as counters) or alters HTML pages (such as wwwboard and guestbook) or save orders (such as perlshop) must have permission to create and write to the files.

So, how to set permissions? First, a quick lesson on the UNIX chmod command.

Every file and directory on the UNIX server has it's own permission setting. This setting is normally represented by a group of letters (r, w & x) or a three digit number. (Yes, sometimes there are 4 numbers and sometimes 's' and 't' are used. But those are unusual circumstances.)

If you telnet to the server and list the files or if you look at the Directory Info through your FTP program, you will see the 'rwx' series in the listing. The first three letters refer to your user id. 'r' is for read, 'w' is for write and 'x' is for execute. (Although, sometimes you may want to think of 'x' as for use). If the first three characters are 'rw-', then you have read and write permissions to the file, but the file is not executable. The last three characters set permissions for the world. If the last three characters are 'r-x' then everybody can read and execute the file, but they cannot write to it. The middle three characters are used for permissions for the 'group'. For the most part, you should set these to the same setting as the world.

OK, what about the numbers?? Look at it this way: r = 4, w = 2 and x=1. For each group of 'rwx', add up the numbers to get a digit from 0 to 7.

Some common settings:

Letters	Numbers	What happens
rwxrwxrwx	777	Readable, writable and executable by everyone
rwxr-xr-x	755	Readable and executable by everyone, writable by you
rw-rw-rw	666	Readable and writable by everyone
rwx--x--x	711	Everyone can use it but only you can read or change it.
rw-r--r--	644	Everyone can read it but only you can change it

Some not-so-common settings:

Letters	Numbers	What happens
---------	000	No one can read, write or execute the file. The file can be deleted according to the permissions of the parent directory
--x--x--x	111	The file can be executed, but no one can ever change it or read it
rwx-w--w-	744	Everyone can write to the file, but only you can read it or execute it. (It's not a good idea to execute a file that someone else can change.)

Use the UNIX chmod command to reset the permissions. Run 'chmod ??? filename' from the te.netmand line. Or, most FTP programs will allow you to right click on the filename and select 'chmod'.

More about permissions (recommended)

|| Back to FAQ's || More About CGI || W3U's Home ||