Install instructions are overly open with permissions
Posted: Sun Feb 05, 2006 7:44 pm
Hi,
the s9y installation instructions say to chmod the entire installation directory 777, while it is actually only needed to have a few directories and files writeable by the web server. The s9y installation routine even checks file permissions and complains when needed permissions are missing.
It is though easily possible to start from a directory with a secure permission set and open up permissions as far as it is necessary to keep s9y installation from complaining. No need to open a security hole as big as 777 permissions on the entire installation.
In my opinion, the docs should be changed. The software is fine.
Greetings
Marc
the s9y installation instructions say to chmod the entire installation directory 777, while it is actually only needed to have a few directories and files writeable by the web server. The s9y installation routine even checks file permissions and complains when needed permissions are missing.
It is though easily possible to start from a directory with a secure permission set and open up permissions as far as it is necessary to keep s9y installation from complaining. No need to open a security hole as big as 777 permissions on the entire installation.
In my opinion, the docs should be changed. The software is fine.
Greetings
Marc