Question: Permissions on hosted website

jkallies_at_majorninth.com
Date: 11/28/05

  • Next message: UC: "What's needed for a wireless access point with Fedora Core" 
    Date: 28 Nov 2005 10:51:23 -0800

    My question is about the implications of permission changes on a hosted
    web server where I do not have root access. Thanks in advance for your
    time in reviewing my question.

    My hosting provider runs Linux/Apache. Not sure of the exact distro,
    but my question is rather general. My site runs Typo3, a PHP-based CMS.
    I have SSH access to the server. As you would guess, I cannot chown.

    Apache runs under "nobody". We'll call my account "coffee". I created
    the directory for my CMS and extracted the PHP source from a tar (thus,
    they are owned by "coffee"). To enable the CMS, I had to chmod 777
    several Typo3-managed directories. Typo3 self-installs, and also
    installs extensions it downloads from a repository. Those directories
    are owned by "nobody".

    As I understand it, I want the web server and my hosting account to
    have full rights to the CMS source files. My hosting provider will run
    a chown -R nobody:coffee foldername (or chown -R coffee:nobody
    foldername) for me. They recommended that I strongly consider not doing
    this, as <quoted>"nobody" also has write access to /tmp, /var/tmp, and
    a variety of other directories that by their nature must be world
    writable for the system to function properly.</quoted>.

    My two main questions:
     - What is the danger here? It seems to be a requirement of a PHP CMS
    to self-administer its own directories. Is the chown given above a
    liability for me?
     - What are the implications of 777 permissions? In a web hosting
    environment, who would be in the "everyone else" group? Other hosted
    accounts? Outside connections via Apache (don't think so)?

    I appreciate any specific insight this community can give me.

    John Kallies
    MajorNinth Media Services
    http://www.majorninth.com

  • Next message: UC: "What's needed for a wireless access point with Fedora Core"

    Relevant Pages

    • Re: OT - Setting up a Message Board
      ... are going to be administering it and are responsible for its security. ... However, you have to know how to configure a web server, install the ... Most people will opt to sign up with a hosting provider to provide the ...
      (alt.sys.pc-clone.dell)
    • Re: error_log
      ... User and group should be apache (if you have apache as the user running the ... location has to be readable for the web server. ... use chown, for change privileges use chmod, if you don't know how to use them, ...
      (alt.php)
    • Re: mod_rewrite and /
      ... Kevin Audleman wrote: ... automatically looks for index.php (or whatever your web server is ... I am having the problem where my CMS is ... JDS Computer Training Corp. ...
      (comp.lang.php)
    • Re: mod_rewrite and /
      ... Kevin Audleman schrieb: ... automatically looks for index.php (or whatever your web server is ... I am having the problem where my CMS is ... and Directory-Index-Setting. ...
      (comp.lang.php)
    • Re: Best way to do server side tasks with new ISP
      ... The OP wants to be able to list one or more directories and a hit counter and a form-to-mail app. ... Directory listing is a web server thing in the first place. ... If not, it ought to be possible to ask the web hosting provider to allow directory listing for a specific account, or for one or more specified directories. ...
      (comp.lang.perl.misc)