Install instructions are overly open with permissions

Zugschlus · Post by **Zugschlus** » Sun Feb 05, 2006 7:44 pm

Hi,

the s9y installation instructions say to chmod the entire installation directory 777, while it is actually only needed to have a few directories and files writeable by the web server. The s9y installation routine even checks file permissions and complains when needed permissions are missing.

It is though easily possible to start from a directory with a secure permission set and open up permissions as far as it is necessary to keep s9y installation from complaining. No need to open a security hole as big as 777 permissions on the entire installation.

In my opinion, the docs should be changed. The software is fine.

Greetings
Marc

Post by **garvinhicking** » Mon Feb 06, 2006 1:25 pm

To which docs exactly are you referring to?

Regards,
Garvin

Zugschlus · Post by **Zugschlus** » Mon Feb 06, 2006 1:39 pm

garvinhicking wrote:To which docs exactly are you referring to?

http://www.s9y.org/36.html
docs/INSTALL

Serendipity doesn't ship world writeable, either. Or does tar honor umask when unpacking?

I cannot find the reference where chmod 777 is recommended, though.

Greetings
Marc

Post by **garvinhicking** » Mon Feb 06, 2006 1:56 pm

Tar can honour umasks and permissions, AFAIK.

Thanks for the two links, I adjusted them!

Regards,
Garvin

Install instructions are overly open with permissions

Install instructions are overly open with permissions

Re: Install instructions are overly open with permissions

Re: Install instructions are overly open with permissions

Re: Install instructions are overly open with permissions