Blog Documentation Book a Demo
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

File Permissions

mightymangomightymango
edited December 2007 in Vanilla 1.0 Help
We've just had to move our sites to a different host and are having problems with files such as conf/settings.php not being 'writeable'.

On our old server these files had their permissions set to 0644 but now Vanilla falls over unless these files are set to 0666.
  • Does anyone know if setting a file permission to 0666 presents a security issue?
  • Anyone have any idea why the new server might not allow php to write to files whose permissions are set to 0644?
Don't really want to have to trawl through all the Vanilla files and extension to find which files need to be 'writeable' and change them to 0666.

Hope this makes sense to someone! :)

Comments

  • mattucfmattucf
    On the old server, the vanilla files must have been owned by the user id that the web server runs under. A mode of 0644 means that only the owner of the file can modify it.
  • mightymangomightymango
    Thanks mattucf.

    Just trying to sort this out with the tech people on our host server. Is there an issue with files being set to 0666?

    This is an area that I'dont know a lot about :(
    Do I need to ask them to create a user for php files and give that user ownership of php files?
  • mattucfmattucf
    I won't say that there's no risk with setting 666 on the files in conf/ (everybody on the system can edit them, after all). But if there are nightly backups on that machine, don't sweat it too much.
  • GrahackGrahack
    Your 'tech' fellows must know what is the user the webserver runs under. Could be www-data for example. Then try to set chmod back to 644 after a
    chown www-data:www-data /path/to/conf/settings.php
This discussion has been closed.