[ask] security issue

A forum for Bolt related questions / issues

[ask] security issue

Postby isul » Mon Aug 04, 2014 7:18 am

I have read the installation guide. It said that we must make read and write (chmod 777) some folder like files/, app/database/, app/cache/, app/config/, theme/. is it necesary to make chmod 777 to the folder? I think make it read-write is not secure. Can i make it to be chmod 755? Thank your answer. sorry my english not too good :)
isul
 
Posts: 13
Joined: Tue Jul 22, 2014 2:32 am

Re: [ask] security issue

Postby ningus » Mon Aug 04, 2014 7:18 pm

In my experience it depends on your/providers servers config what permissions other than 777 on given folders would work. You can test it yourself. I don’t think it is insecure. Look what happens when you try to reach YOURSITE/bolt/app/config/config.yml from your webbrowser.
ningus
 
Posts: 33
Joined: Fri Jun 21, 2013 4:05 pm
Location: Europe

Re: [ask] security issue

Postby isul » Tue Aug 05, 2014 1:02 pm

Tengs a lot ningus. I am not security expert. I have googling. Some say that chmod 777 is bad idea. Here is the example
https://www.drupal.org/node/39887
isul
 
Posts: 13
Joined: Tue Jul 22, 2014 2:32 am

Re: [ask] security issue

Postby ningus » Wed Aug 06, 2014 8:23 am

isul, the discussion in your link concludes that there is indeed write access for any user on server-side but not from outside, if this is your concern. Of course this could be worrying if your ISP has not set up it's server properly. Here is another explanation: https://superuser.com/questions/648064/why-forum-setting-requires-me-to-set-some-files-folders-to-777-permission-right#answer-648083
ningus
 
Posts: 33
Joined: Fri Jun 21, 2013 4:05 pm
Location: Europe


Return to Bolt Discussion

Who is online

Users browsing this forum: No registered users and 2 guests

cron