Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Folder Security with Chmod 777
#1
Hi Guys, just wanted to ask about the security of folders and files being Chmod'd to 777, personally i can never get the install to go through with 755 and have to load it up to 777, so i just wanted to pick your brains.

Which folders and files need to be Chmod'd to 755?

And has anyone else had my problems where i have to go with 777?

Thanks!
Reply
#2
Yes, same here.
Reply
#3
From what i can gather it seems that the security is limited to users on the server only so the reason i can't get 755 i believe is do to the way my hosting is a shared account, so that should essentially still mean that data is secure to any visitors. From what i can gather you will only be able to get 755 if you have server persmission and not just your own account on the server. But if anyone has any futher info please chime in Smile
Reply
#4
if you look inside install.php, you can see where I first attempt to chmod 775 all folders, then if that doesnt work, i try 777. the folders are these:
Code:
'../data/',
        '../data/other/',
        '../data/other/logs/',
        '../data/pages/',
        '../data/uploads/',
        '../data/thumbs/',
        '../backups/',
        '../backups/other/',
        '../backups/pages/',
        '../backups/zip/'
- Chris
Thanks for using GetSimple! - Download

Please do not email me directly for help regarding GetSimple. Please post all your questions/problems in the forum!
Reply
#5
Ah i never thought about checking that doh! Thanks!
Reply
#6
Sorry for bumping up an old thread but I thought rather than cluttering up the forum with a new one I would just ask my question here since my issue is similar.

I had to set the /data/ and /backups/ folders to 777 in order to install as well.

But afterward, I was able to change it back to 755 and everything is working so far.

And I was wondering,

1. Is 755 the recommended setting for those 2 folders?

2. What about the gsconfig.php file? What setting should that be?

Thanks for any help and especially for providing such a great application!!! Smile
Reply
#7
JL Wrote:Is 755 the recommended setting for those 2 folders?
Some security advisers will not agree with 777 as it gives “anyone” write access to the files, in theory “anyone” could be accounts that have accessed the server apart from yours. This is why 755 is recommended, it only allows the owner of the file to write to it, the owner being GetSimple.

JL Wrote:What about the gsconfig.php file? What setting should that be?
Doesn’t really matter as long as it can be used by GetSimple. There are no scripts that write settings into this file so I guess you wouldn’t need to give it any writing permissions at all. Default 755 would do.
“Don’t forget the important ˚ (not °) on the a,” says the Unicode lover.
Help us test a key change for the core! ¶ Problems with GetSimple? Be sure to enable debug mode!
Reply
#8
Thanks Zegnåt!
Reply
#9
Looks like I spoke too soon. When set to 755, I can edit existing pages but I can't create new ones.

So right now I've set the /data/pages folder to 777 but the parent folder /data to 755 and that still works Smile

However, I'm still a little paranoid so I was thinking of disabling php for the /pages folder. Is that something that would work? Since I assume that folder only stores the xml files right?

Or does doing that not really make things more secure?
Reply




Users browsing this thread: 1 Guest(s)