Jump to:

17452 Posts in 4473 Topics by 1971 members

Archive

SilverStripe Forums » Archive » Permissions inside .tar.gz files

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 1954 Views
  • Sigurd
    Avatar
    Forum Moderator
    628 Posts

    Permissions inside .tar.gz files Link to this post

    With SilverStripe the file permissions for a few files and directories need to be writeable by the webserver. From 2.0.1 to 2.0.2 we've taken on board feedback to make the permissions alot less freaky than before. Something to reiterate is that the "open" file permissions have always related to the install process... there's never been a need for SilverStripe, once installed, to have write-permissions set other than for the assets folder (see below)

    My question:

    What is the best practice for us to use in setting permissions inside the .tar.gz file? Should it be rw-rw-rw, for instance?

    To clarify the files are;

    1) .htaccess, which gets written to once, then can be secured to readonly.
    2) /mysite/ and /tutorial/ which does not require files inside to be opened up. Instead, these directories need write permission so that a file inside, _config.php, can be created. Once installed, you can make this file readonly.
    3) /assets/ which is to be permanently kept web-writeable as this is where all uploads via the CMS are stored

    What if were to store them as rw-rw-rw- in the tar.gz, then the installer itself would automatically make;
    a) .htaccess readonly r--r--r--
    b) the folders r-xr-x-r-x (the 'x' is needed to allow browsing, right?) Or is this superfluous?
    c) Do we need the world-read bit set? Or is r--r----- fine.

    I'm talking about what will work best in terms of most people out of the box, especially for people who are unclear or unfamilar with file permissions, etc. We want people to have a great out-of-the-box experience, rather than the first step being messing with file permissions.

    This suggests thinking both about those managing their own servers as well as those installing silverstripe on random webfarm hosts...

  • xeraa
    Avatar
    Google Summer of Code Hacker
    58 Posts

    Re: Permissions inside .tar.gz files Link to this post

    a) .htaccess readonly r--r--r--
    b) the folders r-xr-x-r-x (the 'x' is needed to allow browsing, right?) Or is this superfluous?
    c) Do we need the world-read bit set? Or is r--r----- fine.

    I think starting off with rw-rw-rw- would be fine and later setting it back.
    For .htaccess I think r--r----- should be fine (at least on my Debian webserver it is).
    The strange thing is that for PHP files r-------- is enough to work on my server (maybe the configuration software Confixx messed somewhere up, but otherwise it's a standard installation). I always thought that X was needed as well, but acutally it is not *wonder*. Anyway I guess r-xr-x--- should be fine for everyone (I hope ;-) ).

    1954 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.