Knowledgebase: Information On Perl
How should I set my file permissions on a Perl script?
Posted by Roy Petersen on Feb-15-2007 12:16 PM
Often times, permissions are set very leniently in order to avoid any permissions problem. This is not a good idea. Your Perl scripts should have the appropriate permissions depending on the function of that particular script. Under normal conditions, your scripts will likely need 755 (rwx-rx-rx) permissions to run.
Permissions are set up as "owner-group-world"

First, all scripts should be set to the owner (you) having read, write and execute privilege (rwx, or 7 in the first position) regardless of the function of the Perl script.

Next, you should ask yourself if you want people (visitors) to your website to be able to execute the Perl script. This is most likely the case. Under these conditions, your script would be set to world readable and executable (r-x or 5 in the third position). Do not give the world write permission on the Perl script! It is not necessary and may lead to problems!

If your script is not going to be executed through the web and only you will be executing the script through shell (there are various reasons for having a script operate under these conditions), then you set the script to no world permissions (---).

The group permissions should be set to read and executable (r-x, or 5 in the second position) if the script is to be executable via the web. Otherwise, set your group permissions to nothing (---).

With this information, you have the following permissions breakdown:

Executed via the web by anyone: chmod 755
Executed by only yourself through the command line: 700

Often times, a Perl script will open a file for writing. This is the case in guestbooks and bulletin boards, where the information is received from the form and written to a certain file. The permissions of this particular file are now important.

Many times, the author of a Perl script you use on your account will require you to set this file to rwxrw-rw-, or chmod 766, which allows write access to the world. This is not a good idea and is unnecessary.

Files that need to be written to by way of a Perl script can be set to the default permissions of rw-r--r--, or chmod 644. This will work fine with our setup.

Finally, never set your file permissions to rwxrwxrwx, or chmod 777. This is not necessary, may cause a security problem on your website, and will cause your Perl script to not execute at all!