Unix permissions, read vs. execute (PHP context)
As far as files are concerned, execute permission is irrelevant to you - the user account your web server is running under needs permission to access and read the files in question. In order to traverse into a directory, the user will also require execute permission on that directory.
If you are trying to make your scripts readable by the web server (let's say you're running as the account "www" which belongs to group "www"), and not by other users on the system, here's what I would do (assumes your account is "myuser"):
# Change owner to "myuser" and group to "www" for file(s) in question
chown myuser:www config.php
# 640: myuser has rw-, www has r--, world has ---
chmod 640 config.php
If you want to prevent the world from reading any file in a "secrets" directory, just disable the execute bit:
# 750: myuser has rwx, www has r-x, world has ---
chmod 750 secrets
If you set all your scripts to have execute permission but not read permission, nobody can do anything useful with them (including the webserver) ;-)
Correct file permissions for PHP file that doesn't allow the public to execute
In a typical setup used these days a php
script does not require the execution permission bit to be executed by the http server. That is because the request does not start the script is a process based on the operating system. Instead the http server only reads the file and feeds the content into the php
engine loaded as a module. So the only permission required is that the http server process can read the script.
Things would be different if you were using php
by means of CGI
instead of as a http server module. But that has a severe performance penalty, exactly because a new process has to be forked for each request.
Is it possible to download php files with read permissions?
The only time "execute" privileges are required is for old-school CGI scripts. Those are literally executed via a shell on behalf of the webserver. Every other file that your webserver accesses only needs "read" privileges.
PHP scripts are not "executed" as if they were program. The PHP plugin within the webserver READS the php code into memory and does the execution there. At no point is there ever really a "php program" running. As long as the file's readable, PHP can load the raw code, then parse/execute it.
Unix/Linux Alike File Permissions
How about a simple bitwise AND (the &
operator)?
A bitwise AND will return 0 if the user lacks permission and >0 if the user is allowed access.
$result = $user & $permission
Why does Apache + PHP require execution permissions to write to a file?
You need execute permission to conceptually enter a directory (cd into it, list files within, etc.). It would have been clearer if they called this bit something else for directories. This article recommends thinking of it as the "search" permission on directories.
Related Topics
Macd Function Returning Incorrect Values
How to Avoid Using PHP Global Objects
How to Create a New Page in Prestashop Admin Panel
PHP - Override Existing Function
PHP Xpath - Find Element with a Value and Also Get Elements Before and After Element
Set Cart Item Price from a Hidden Input Field Custom Price in Woocommerce 3
JSON_Decode() Returning Error "Notice: Trying to Get Property of Non-Object"
No Mail Received in Inbox with Xampp 1.8.0, Mercurymail and Mail()
Get Specific Device Information
Passing a Boolean Value from Checkbox in Laravel Form
Find a Percentage Value in a String Using Preg_Match
PHP Type Hinting Not Getting Along with Interfaces and Abstract Classes
Fatal Error: Call to Undefined Function MySQL_Connect() in C:\Apache\Htdocs\Test.PHP on Line 2