Patrick R. Michaud
pmichaud at pobox.com
Wed Sep 13 21:43:08 CDT 2006
On Thu, Sep 14, 2006 at 12:27:27PM +1000, Kathryn Andersen wrote:
> On Wed, Sep 13, 2006 at 08:47:11PM -0500, JB wrote:
> However, you can get around this by
> (b) install your pmwiki, and let Apache (the apache user) create the
> wiki.d directory (so it will have okay permissions for apache) and then
> restore the contents of wiki.d into it. This might not work because the
> apache user might have made the directory so that normal users couldn't
> add files to it anyway.
PmWiki always creates its files and directories such that the account
owner will have write permission to the files and directories it
creates. And, PmWiki does this with the minimal file permissions
This is why it's somewhat advantages to use setgid permissions
when going through the process of creating wiki.d/ or other
directories, because PmWiki can then do its work without having
any "world" write permissions involved.
> > I know that I am not a "superuser". So if I need my friendly
> > superuser to do a restore, what do I tell him/her to do?
> Your system adminstrator will be a superuser. If you can get their
> cooperation, what would probably be simplest is to restore the wiki.d
> directory yourself, and then ask the superuser to change it (and files
> in it) so they are owned by the apache user.
This is extremely sound advice -- that's the approach I would take
if getting the file ownerships was important to me. (Personally,
I just run with world write permissions -- it's not significantly
less secure than other approaches.)
More information about the pmwiki-users