[Pmwiki-users] AdminQ2 - Problems with directory permissions on Unix server

H. Fox haganfox
Fri Apr 2 13:28:53 CST 2004


For my open-source image gallery script I have the users create a new 
empty directory and set 2777 permissions on that.  The script's own 
files and the user's images never need to be in a wold-writable 
directory, which I consider a security "plus".

I realize it's too late to do this for PmWiki, but maybe it's something 
to consider for 0.7.

Gallery setup difficulties seem to be rare these days.  Here's a snippet 
from INSTALL.txt.

Basic Instructions (with writable-tree setup):

- Place the script (index.php) in a web-accessible directory with some
   image files and/or subdirectories that contain image files.
- Create the qdig-files subdirectory.
- Temporarily set world-writable (2777) permissions on the subdirectory.
- Browse the gallery directory's URL once.
- Set permissions on the subdirectory to something reasonable (0755).


The gallery automatically creates thumbnails, resized images, and empty 
caption .txt files in the writable tree.  Gallery management can be done 
via FTP / SCP.  It could hardly be much simpler...

Part of the inspiration for Qdig's very simple but very effective way of 
handling the writable tree came from PmWiki.  Thanks Pm!

Hagan

Steven Leite wrote:
>>>   I  wonder if we can't invest some time in making this easier for
>>> other users?
> 
>>We probably need a Cookbook recipe or documentation page that describes
>>how to do backups and restores of PmWiki systems, including migration
>>to another server.
> 
> Yesterday I started to write a Cookbook recipe, but as you know my PHP
> skills are .. well, lacking .. so I gave up after about 1 hour.  I'm not
> familiar with all of the unix sytem/file commands.  I tried looking at your
> code and I understood about 85% of it, but that's 15% too little :)
> 
>>>   You plop it in any folder on the
>>>   system,  make it executable, and voila .. it goes and does it's
>>>   thing.It doesn't bother you about file permissions to make this directory
>>>   or that directory.
> 
>>Given the amount of traffic that has crossed the listserv on this topic
>>lately I may see if I can write a longer article about it.
> 
> That would be extremely useful.  Thanks.




More information about the pmwiki-users mailing list