XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. Q and A 
  4.  / Security issue: should all files/folders be writeable?
Register
1
mktwain124
Security issue: should all files/folders be writeable?

  • 2003/12/3 23:22

  • mktwain124

  • Just popping in

  • Posts: 44

  • Since: 2002/9/27


After successfully installing XOOPS, deleting the install folder and then chmod mainfile.php unwriteable, what should the read/write permissions be for all the other files/folders? Should everything be writeable (other than mainfile.php) and are there any significant security concerns with "incorrect" file/folder permissions?

Assume most current versions of Unix/Apache/PHP/MySQL on the server.

Thanks in advance!
2
Mithrandir
Re: Security issue: should all files/folders be writeable?

ONLY
root/cache
root/templates_c
root/upload

should be writable - except perhaps for certain folders/files in modules. Everything else (or perhaps another one or two folders) should be non-writable.
3
Panos
Re: Security issue: should all files/folders be writeable?

  • 2003/12/4 10:34

  • Panos

  • Friend of XOOPS

  • Posts: 87

  • Since: 2003/3/20


As MithyT2 wrote, only those folders should be writable by the web server. Also, mainfile.php should be writable only during the installation procedure. After the installation is complete you will be prompted with a warning in the admin area, to change this file to non-writable, if we are talking about a *NIX server always

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

217 user(s) are online (129 user(s) are browsing Support Forums)

Members: 0

Guests: 217

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits