1

Topic: chmod 0777?

Hello,

Just a quick note about something more or less security related. I've read a message about directories that have to be chmodded to 777 (cache and avatar) , see this thread. Rickard is clear about it : the directory does not have to be 0777, but during the install process, if the directories are not writeable, you suggest to chmod it to 0777 (I tested with the french version however, not the english one). Maybe it would be good to change that in the installer...

So two questions :
- why mentioning to chmod to 0777 if it's not necessary (and can be harmful)?
- and what's the alternative chmod code to get it working properly?

Re: chmod 0777?

ext wrote:

- and what's the alternative chmod code to get it working properly?

If your web (apache) server runs under "apache" user and you have root access, not need to chmod 0777 at all.
Try:

# chown -R apache cache avatar
# chmod 0755 cache avatar
[no signature]

3

Re: chmod 0777?

That's what I did. But maybe it would be a good idea to mention that during the install process, instead of "in doubt, chmod it to 0777"...

Re: chmod 0777?

ext wrote:

That's what I did. But maybe it would be a good idea to mention that during the install process, instead of "in doubt, chmod it to 0777"...

Well, 0777 makes the most sense if you're in doubt about what to set it as tongue

5

Re: chmod 0777?

Well, maybe it would be a good idea to say something like : "if you're running this installer on your local computer, you can chmod it to 0777, but on a webserver, chown it to the apache user and chmod it to 0755". I know it can sound obvious to many people, but for some others, it's not and it could be a security risk. It's nice to see that PunBB devs care a lot about security, but the script can be as secure as it wants, if you give such an advice at the beginning and to beginners, the security risks are there...

Re: chmod 0777?

Smartys wrote:
ext wrote:

That's what I did. But maybe it would be a good idea to mention that during the install process, instead of "in doubt, chmod it to 0777"...

Well, 0777 makes the most sense if you're in doubt about what to set it as tongue

I agree and understand that most users would require to to 'chmod director to 0777' but it would be good to let it be known that there is other option is also available.