Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Archive

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Permissions inside .tar.gz files


Reply

2 Posts   2028 Views

Avatar
Sigurd

11 July 2007 at 11:49pm (Last edited: 11 July 2007 11:53pm), Forum Moderator, 628 Posts

With SilverStripe the file permissions for a few files and directories need to be writeable by the webserver. From 2.0.1 to 2.0.2 we've taken on board feedback to make the permissions alot less freaky than before. Something to reiterate is that the "open" file permissions have always related to the install process... there's never been a need for SilverStripe, once installed, to have write-permissions set other than for the assets folder (see below)

My question:

What is the best practice for us to use in setting permissions inside the .tar.gz file? Should it be rw-rw-rw, for instance?

To clarify the files are;

1) .htaccess, which gets written to once, then can be secured to readonly.
2) /mysite/ and /tutorial/ which does not require files inside to be opened up. Instead, these directories need write permission so that a file inside, _config.php, can be created. Once installed, you can make this file readonly.
3) /assets/ which is to be permanently kept web-writeable as this is where all uploads via the CMS are stored

What if were to store them as rw-rw-rw- in the tar.gz, then the installer itself would automatically make;
a) .htaccess readonly r--r--r--
b) the folders r-xr-x-r-x (the 'x' is needed to allow browsing, right?) Or is this superfluous?
c) Do we need the world-read bit set? Or is r--r----- fine.

I'm talking about what will work best in terms of most people out of the box, especially for people who are unclear or unfamilar with file permissions, etc. We want people to have a great out-of-the-box experience, rather than the first step being messing with file permissions.

This suggests thinking both about those managing their own servers as well as those installing silverstripe on random webfarm hosts...

Avatar
xeraa

12 July 2007 at 12:36am (Last edited: 12 July 2007 12:37am), Google Summer of Code Hacker, 58 Posts

a) .htaccess readonly r--r--r--
b) the folders r-xr-x-r-x (the 'x' is needed to allow browsing, right?) Or is this superfluous?
c) Do we need the world-read bit set? Or is r--r----- fine.

I think starting off with rw-rw-rw- would be fine and later setting it back.
For .htaccess I think r--r----- should be fine (at least on my Debian webserver it is).
The strange thing is that for PHP files r-------- is enough to work on my server (maybe the configuration software Confixx messed somewhere up, but otherwise it's a standard installation). I always thought that X was needed as well, but acutally it is not *wonder*. Anyway I guess r-xr-x--- should be fine for everyone (I hope ;-) ).