Serendipity Forums

Sorry for asking this very dummy question, but can i have more explanation of this pls?

After the install is complete, you should change those base permissions to allow only your web-server user (e.g. nobody) to access the serendipity directory. All subdirectories should be writeable for the web-server user, all the files should be 644, unless otherwise contained in our installation archive.

I know that there was another thread discussed about it,

http://www.s9y.org/forums/viewtopic.php ... 89232553fc

but still it dint help me much because when i changed the permission for the folders to 644, it dint work aany more.

so is it possible for someone to tell me precisely which files and folders to give what permission?

Right now all files are in 777 permission. SO can i know which one to change to what?

Here is the list:

[DIR] bundled-libs - 777
[DIR] deployment - 777
[DIR] docs - 777
[DIR] htmlarea - 777
[DIR] include - 777
[DIR] lang - 777
[DIR]plugins - 777
[DIR] sql - 777
[DIR] templates - 777
[DIR] templates_c - 777

[File].cvsignore -777
[File].htaccess -777
[File]comment.php -777
[File]exit.php -777
[File]index.php -777
[File]rss.php -777
[File]serendipity.css.php -777
[File]serendipity_admin.php -777
[File]serendipity_config.inc.php -777
[File]serendipity_define.js.php -777
[File]serendipity_editor.js -777
[File]serendipity_xmlrpc.php -777
[File]wfwcomment.php -777
[File]serendipity_admin_image_selector.php -777

thanks a lot.

Hi,

You will want to keep the directories at 755 (because they need to be executable) and the files at 644. This is, of course, if you have then owned by your web-server users, which is recommended. You could also look into suphp, which will allow PHP to run with "normal" users privileges...

S9y (meaning your web-server) needs to have write access to these dirs (and the files within):
templates_c/
uploads/
plugins/
archives/ (?? I'm not sure about this one...think it's the result of tinkering on my end...)
and of course, ./ or where s9y itself is installed...

and these files:
./.htaccess
./serendipity_config_local.inc.php

I think this is all...if I've forgot some, please correct me!

thanks a lot man.

i will give it a go.

ok, cool. it worked.

Well, i think to help future users, I would write a small tutorial with detailed description with images so that in case anyone needs any help.

I just downaloaded s9y couple of days before and still lot to learn.

thanks a lot for your helo Kidgoo

No problem...And call me Brett

I was thinking, though, that this may cause problems when trying to upgrade. One of the lead developers may want to say something about that.

I think that as long as you extract the package you're trying to upgrade as root, and make sure it has the right permissions, it should be ok...

Brett

I actually do have s9y installation steps detailed in my blog, but the permissions part looks sorta bare because the guide assumes you're installing s9y on your own Mac which runs the webserver... which already have the permissions set at 644 by default and you only have to manually change certain directories to 755 (which is mentioned in the guide).

After having the guide reviewed by a lot of folks at a certain Mac forum, however, it had been pointed out that one should have the permissions set at 750 / 640 after the ownership of the folders is given to the webserver user, not 755 / 644. I think s9y install guide also mentions pretty much the same thing (goes something like 'give permissions only to the webserver' thingy). This is to prevent 'other' users from reading the files/folders in the first place - it can only be you or the webserver user that can access them. A good measure of security.

I'm gonna check out how this works out and have the guide revised.

After having the guide reviewed by a lot of folks at a certain Mac forum, however, it had been pointed out that one should have the permissions set at 750 / 640 after the ownership of the folders is given to the webserver user, not 755 / 644. I think s9y install guide also mentions pretty much the same thing (goes something like 'give permissions only to the webserver' thingy). This is to prevent 'other' users from reading the files/folders in the first place - it can only be you or the webserver user that can access them. A good measure of security.

Too true...this is a good idea. As I'm the only user on my server, I sometimes forget others don't have that luxury...

Speaking of permissions, I'd imagine it works, but has anyone actually tried s9y under suphp?