[pmwiki-users] working directory

H. Fox haganfox at users.sourceforge.net
Wed Feb 22 12:59:11 CST 2006 

On 2/21/06, Patrick R. Michaud <pmichaud at pobox.com> wrote:
> Neil writes:
> I'm thinking I will shorten this to work.d/, and use that.  This
> would be the place for temporary files, and we could also see about
> moving deleted pages into this directory (instead of leaving them
> in wiki.d/).
>
> However, this does have the downside of needing to create an extra
> .htaccess file to protect the work.d directory.
>
> On another note, Hagan Fox once remarked that it would be nice to
> put all of these writable directories (wiki.d/, uploads/, work.d/)
> into a single directory -- something like:
>
>     pmwiki/
>       pmwiki.php
>       local/
>       scripts/
>       cookbook/
>       pub/
>       data/
>         uploads/
>         work.d/
>         wiki.d/
>       wikilib.d/

As you might expect, I enthusiastically vote "yes" on this.

> One advantage of this is that the data/ directory can be exist as
> part of the distribution, and we simply tell people to change its
> permissions to 777 or 2777 as appropriate when it's needed.
> (No more setting/unsetting permissions on the pmwiki root.)

Another advantage is that it makes it more obvious what's in the
directory.  It makes backing up data easier because you only need to
copy or archive one directory with an obvious name.  Since PmWiki
itself is so small I think it makes sense just to archive everything,
so this is a minor advantage.

Another advantage is that it's easier to move the writable tree
outside the web document tree.  That's helpful for administrators who
don't have .htaccess support.  It can improve security for those who
do.

Regarding this last advantage, SourceForge.net has a policy where any
directory where files are directly deliverable by the web server is
read-only by the web server.  The server can write files, but must do
so outside the web document tree.  They implemented the policy for
good reason, and it's not unreasonable to think other service
providers will do the same.

> Of course, if we do something like this we would have in place
> some transitional code (to exist for a long time into the 2.1
> release) so that existing sites can continue to use the traditional
> PmWiki directory structures.  OTOH, moving to the new structure
> is as simple as renaming or moving a couple of directories, so
> it's not as if the transition is difficult.
>
> Comments?

A security-check script has be discussed in the past.  That might be a
good tool for helping administrators reorganize to the new structure.

Hagan

More information about the pmwiki-users mailing list