harmen/hypha
1
0
Fork 0
Code Issues 142 Pull requests 4 Projects Releases Packages Wiki Activity

Do not recommend making data dir 777/world-writable #326

New issue
Open
opened 2020-05-26 12:43:54 +00:00 by matthijskooijman · 0 comments
matthijskooijman commented 2020-05-26 12:43:54 +00:00 (Migrated from github.com)
Copy link

The README currently says to make the data directory world-writable, but that is generally a bad idea. The goal is to make the data directory writable by the webserver, but there are often better ways to achieve that, depending on the hosting setup (sometimes all files are already writable, sometimes changing the owner to www-data is needed, sometimes setting group write permissions, it really depends).

Making the data dir world-writable pretty much always works, but also opens up the permissions way too wide, potentially allowing abuse.

The README currently says to make the data directory world-writable, but that is generally a bad idea. The goal is to make the data directory writable by the webserver, but there are often better ways to achieve that, depending on the hosting setup (sometimes all files are already writable, sometimes changing the owner to `www-data` is needed, sometimes setting group write permissions, it really depends). Making the data dir world-writable pretty much always works, but also opens up the permissions way too wide, potentially allowing abuse.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
hypha-117
combined
Render-links-in-article-comments
base64-subject
hypha-119
festival-translation
Issue/66-paste-from-word
issue/306-Install-new-hypha-fail
datatype-tag_list
testtranslation
clarify-comment-rules
wymeditor-css
newtext-more
newtextservicemethods
pr219
searchfunctie
default_datatype
koppelting
No results found.
Labels
Clear labels   
Component: User interface

   
Component: Wymeditor

   
Help wanted

   
Level: Difficult

Structural changes, need discussion

  
Level: Easy

Under 4 hours of work

  
Level: Moderate

Under 16 hours of work

  
Pagetype: Festival

   
Pagetype: Mailinglist

   
Pagetype: Peer reviewed article

   
Pagetype: Text

   
Privacy GDPR AVG

   
status: has conflicts

   
Status: Needs changes

   
Status: Needs discussion

   
Status: Needs review

   
Status: Ready to merge

   
Status: Waiting for response

   
Type: Bug

   
Type: Enhancement

   
Type: Question

   
Usecase: De Stadsbron

   
Usecase: Koppelting

   
Usecase: MeetjeStad

   
Value: Coders

Enhancement of codebase, API, documentation

  
Value: Security

   
Value: Users

Improve user experience, add new features

  
Value: Visitors

Improve navigation, styling

No labels
Component: User interface
Component: Wymeditor
Help wanted
Level: Difficult
Level: Easy
Level: Moderate
Pagetype: Festival
Pagetype: Mailinglist
Pagetype: Peer reviewed article
Pagetype: Text
Privacy GDPR AVG
status: has conflicts
Status: Needs changes
Status: Needs discussion
Status: Needs review
Status: Ready to merge
Status: Waiting for response
Type: Bug
Type: Enhancement
Type: Question
Usecase: De Stadsbron
Usecase: Koppelting
Usecase: MeetjeStad
Value: Coders
Value: Security
Value: Users
Value: Visitors
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
harmen/hypha#326
No description provided.