Installation guide clarification

Started by Poasters, April 11, 2005, 11:21:30 PM

Previous topic - Next topic

Poasters

When using the installation guide in this same forum:
http://www.simplemachines.org/community/index.php?topic=6765.0

it is recommended to chmod 777 these files and directories:
    * attachments
    * avatars
    * Packages
    * Packages/installed.list
    * Packages/server.list
    * Smileys
    * Themes
    * agreement.txt
    * Settings.php
    * Settings_bak.php
    * install.php
    * Themes/default/languages/Install.english.php

However, when I installed SMF 1.0.3 on my server, the install.php will not run with 777 permissions; 755 works ok. Similarly, it would not install new packages until the Packages directory was chmod 755. This may be my dimness, or it may not be a problem for many folks, but just thought I would ask if others see the same result.
I would place my signature right here if I had one. Since I don't, please visit Poasters Computer Forums

[Unknown]

Then, your server will require 755 for those listed, not 777.

-[Unknown]

Poasters

OK, do you mean that they should all be 755, then?
I would place my signature right here if I had one. Since I don't, please visit Poasters Computer Forums

[Unknown]

#3
Yes.  While most hosts run PHP as some random user (e.g. "nobody" or "apache" or "www"), your host is running PHP as *you*.  This is good and bad for security, but it means the numbers take on different meanings.

If PHP is someone else, e.g. "nobody", then the number that really matters is the third one.  If PHP is you, only the first number really matters.  Here's a better explanation:

  /---------- This is the OWNER of the file.
  |  /------- This is the OWNER's "friends".
  |  |  /---- This is EVERYONE on the server.
  7  7  7


So, if PHP is "nobody", then you have to allow other people access to the file.  Otherwise, only you need access to the file.

The reason it *won't work* on your server is because of security concerns.  Just wait though - some people immediately think the "nobody" thing is bad for security, which isn't exactly true.  But, that's why you're not allowed to have the file 777 - because then, theoretically, everyone on the server can access it, write to it, and execute it.  755 means that they can just read and execute it, but not write to it.

The reason it's okay to have it 777 when you can is because the permissions on the folder it's in matter too.  Typically, you'll have a structure like this:

/home/username/public_html

Now, here /home will be 755 or so, meaning everyone can access it but not everyone can create folders/files in it.  It'd be owned by the server administrator.  So far so good.  Next, /home/username should DEFINATELY be owned by username (you) and no one else.  The trick is, you can say that your "friend" is "nobody".  So, then you make the /home/username directory 770 - this means only YOU and Apache/PHP can access your files, no one else.

From that point, you own every file and directory exclusively, so if a file is 770, nobody won't have access.  The above tactic is used to change the "everyone" position to "PHP" instead.  It's very very common, and most hosts use it.

In any case, your host requires the use of 755, not 777.

-[Unknown]

Poasters

Thank you for the thorough explanation. I was aware of the user/group/other convention, but did not know that servers can be set up to run php as either user or other - it makes sense now.

I'll check to be sure that the /home/username directory is 770, too.
I would place my signature right here if I had one. Since I don't, please visit Poasters Computer Forums

IchBin™

770 will make it so that nobody else can have read,write, or execute perms. In other words, they won't be able to see your site.
IchBin™        TinyPortal

[Unknown]

Quote from: IchBin on April 13, 2005, 08:46:21 PM
770 will make it so that nobody else can have read,write, or execute perms. In other words, they won't be able to see your site.

Unless, as I outlined, the Apache user is in the "friend" or group owner of the directory, in which case this is not at all true.

-[Unknown]

Qayyom Ashraf

#7
Quote from: Poasters on April 11, 2005, 11:21:30 PM
When using the installation guide in this same forum:
http://www.simplemachines.org/community/index.php?topic=6765.0

it is recommended to chmod 777 these files and directories:
    * attachments
    * avatars
    * Packages
    * Packages/installed.list
    * Packages/server.list
    * Smileys
    * Themes
    * agreement.txt
    * Settings.php
    * Settings_bak.php
    * install.php
    * Themes/default/languages/Install.english.php

However, when I installed SMF 1.0.3 on my server, the install.php will not run with 777 permissions; 755 works ok. Similarly, it would not install new packages until the Packages directory was chmod 755. This may be my dimness, or it may not be a problem for many folks, but just thought I would ask if others see the same result.

IS THESE SETTINGS/ (777) PERMISSIONS STILL RECOMMENDS FOR SMF 1.1.4 ??
Qayyom Ashraf  |  Karachi-PK |::.www.JangForum.Com.::|

IchBin™

To install things I see no problem with it. But I "personally" suggest after install you keep your files at 755 or lower if possible with the exception of the packages/Smileys/attachment folders. And I generally keep my Settings.php file at 666.

Would be great if you wouldn't use all caps, as it looks like you are shouting.
IchBin™        TinyPortal

Qayyom Ashraf

Quote from: IchBin™ on March 25, 2008, 05:16:54 PM
Would be great if you wouldn't use all caps, as it looks like you are shouting.
sorry for that.

actually before this, it was normal with 755, but now I am facing read only error for settings.php and for others too.

now I am following the instructions from "Poasters" mean I changed 777 to all above listed files/folders.

mean with this, everything is working normal
Qayyom Ashraf  |  Karachi-PK |::.www.JangForum.Com.::|

!Hachi!

please open new thread.you re opened 3 years old thread.i prefer to open new thread.
Happy Ramadan

greyknight17

I think the only folder that needs to have 777 is attachments. For the Settings.php file, CHMOD it to 666. You may CHMOD it to 755 or 777 only when you need to. Otherwise, revert it back to 666 to be safe.

Topic marked as solved since this is a old topic...

Advertisement: