Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#1 2007-10-31 03:42:33
- dreamer
- Member
- Registered: 2007-06-08
- Posts: 242
Permission errors for the "Files" directory
In the Files section of the Content tab, I get the following error when I have my permission for the Files folder set to something other than 777;
Warning: cannot write to file directory
/home/copyfor8/public_html/files.
Please change file permissions to 777.But when I set it to something like 776, I get this error;
Warning: chdir() [function.chdir]: Permission denied (errno 13) in /home/for8/public_html/textpattern/include/txp_file.php on line 775What can I do to fix both issues?
I guess I could just set the permission to 777 and it’ll be fix. But correct me if I’m wrong, but doesn’t a 777 setting present security issues on a shared hosting site?
Last edited by dreamer (2007-10-31 03:44:07)
Offline
Re: Permission errors for the "Files" directory
I guess I could just set the permission to 777 and it’ll be fix. But correct me if I’m wrong, but doesn’t a 777 setting present security issues on a shared hosting site?
In some point in makes some security issues , but actually not, and so you’re wrong.
And so you must change permission to 777 — and your site will be as secure as before the change.
Cheers!
Offline
Re: Permission errors for the "Files" directory
Unless you’re on a dedicated server which is fully under your control or a VPS / chrooted part of the server that is completely shielded from other users, I’d recommend agains using chmod 777, because from a security point of view it is not good (to put it mildly).
It’s not so much the execute permission on the directory that is insecure, but rather the write permission. Try chmod 710 or chmod 701 instead.
Offline
#4 2007-10-31 15:18:06
- dreamer
- Member
- Registered: 2007-06-08
- Posts: 242
Re: Permission errors for the "Files" directory
710 and 701 didn’t work.
Offline
Re: Permission errors for the "Files" directory
does 777 work?
Offline
#6 2007-10-31 17:54:58
- dreamer
- Member
- Registered: 2007-06-08
- Posts: 242
Re: Permission errors for the "Files" directory
oh…yes. 777 always worked.
Offline
Re: Permission errors for the "Files" directory
Try removing permissions: 775, 771, 757, 717, 705, 701, 750, 710… etc. Use the one with the least privileges and if you can’t use anything but 777 and are on a shared host where you can see the files that other users have uploaded… switch to a different webhost.
Offline
#8 2007-10-31 19:16:15
- els
- Moderator
- From: The Netherlands
- Registered: 2004-06-06
- Posts: 7,458
Re: Permission errors for the "Files" directory
ruud wrote:
…and are on a shared host where you can see the files that other users have uploaded…
So Ruud, are you saying that when you can’t see other users’ files, using 777 should be okay?
And, just out of curiosity, one more question: on most hosts using 755 lets me upload files and images just fine, there is one host I’m using that also requires 777 and apparently it’s not the only one; so I conclude that one permissions setting can still be handled differently on different servers. So which server settings decide how permissions will work? In other words, is there a way to find out before you buy a hosting package how it will work?
Offline
Re: Permission errors for the "Files" directory
No, the other way around: if you can see other people’s files and you have to use 777 or something equally permissive, then I’d start worrying.
I’ve never used a shared webhost that I have not configured myself, so perhaps I’m overlooking something, but I can think of the following setups:
1. dedicated server, all processes run under the same username => chmod 700
2. virtual private server, similar to the dedicated server (virtual private servers can’t see each other) => chmod 700
3. shared server, but still each user runs everything under its own username (probably requires multiple instances of the webserver software, not very common, I think) => chmod 700
4. shared server, static files are accessed using a shared username (typically nobody or www-data), but scripts are executed as the user that owns them => chmod 701 or 710 (perhaps 705 or 750 if read permission is needed as well)
5. shared server, all files and scripts are all handled by a shared username (nobody, www-data, etc) => chmod 770 or 707 (perhaps 730 or 703 works as well). When uploading through ftp, the files/dirs are owned by your own username.
Offline