Jump to content

"/site/config.php must be writable" < only works with permissions set to 777


sudodo
 Share

Recommended Posts


777 seems excessive - is there something that I'm missing here?

This is a print out of the /site content;

```
total 28
drwxrwxr-x 6 geot geot 4096 Sep  9 13:30 .
drwxrwxr-x 8 geot geot 4096 Sep  9 13:17 ..
drwxrwxr-x 2 geot geot 4096 Sep  6 10:10 assets
-rwxrwxrwx 1 geot geot 1548 Sep  6 10:10 config.php
drwxrwxr-x 3 geot geot 4096 Sep  6 10:10 install
drwxrwxr-x 2 geot geot 4096 Sep  6 10:10 modules
drwxrwxr-x 5 geot geot 4096 Sep  6 10:10 templates
```

I'm sure that I shouldn't have to have permissions so high, but I'm pretty new
to this.


Here's a shot of the setup that I'm currently going through;


http://imgur.com/a/WkhAX


You can see that the error (for site/config.php) is no longer there with these
permissions, but they still 'feel' wrong.

Thanks
 

Link to comment
Share on other sites

@szabesz thanks - i'm still not sure though. Because the permissions are not related to user or group it's the 'other' it that makes the difference to me. 

 

So If i have permissions set to 

 

chmod 006 config.php

 

It works alright, but this isn't what it should be i think

 

thanks

Link to comment
Share on other sites

8 minutes ago, sudodo said:

chmod 006 config.php

You mean 600, right? If so, that should be considered to be secure. If others than the owner can manage to write files set to 600 [rw-------], then it does not matter too much if it is 400 or 600, I suppose.

Link to comment
Share on other sites

23 minutes ago, szabesz said:

You mean 600, right? If so, that should be considered to be secure. If others than the owner can manage to write files set to 600 [rw-------], then it does not matter too much if it is 400 or 600, I suppose.

No 006 ! :P

I'm not sure why it's working this this though

Link to comment
Share on other sites

2 minutes ago, szabesz said:

I see. So you gave r/w permission to "other", in other words to anybody, so probably that is why it does not complain.

yes - but if i set permissions to 660 it doesn't work 

 

  •  /site/config.php must be writable. Please adjust the server permissions before continuing.
Link to comment
Share on other sites

During the installation process ProcessWire needs write access, however, after you have installed PW, it is time to be more strict, and remove as much permission as you can on the server in question.

http://processwire.com/docs/security/file-permissions/#securing-writable-directories-and-files

"If the installer populates 777 and 666 permissions, this translates to directories and files that are readable and writable to everyone, which is not a good scenario in shared environments. But without knowing more about the hosting environment, they may be the only permissions that we know for certain will enable ProcessWire to run. In either case, please read on for more details. In most cases you can further lock down these permissions with a little more information."

  • Like 3
Link to comment
Share on other sites

Ownership appears to be user geot and group geot.  Apache normally runs under another user account like
 'apache' or 'http'.  If you change ownership of config.php to the apache user, you won't need to use the insecure settings allowing anyone to modify the file.

By the way, using chmod 006 doesn't make a lot of sense, you're saying the owner and group of the file won't have access, only some other user.

 

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...