Limit write permissions to data subdirectory #93
Labels
No labels
Component: User interface
Component: Wymeditor
Help wanted
Level: Difficult
Level: Easy
Level: Moderate
Pagetype: Festival
Pagetype: Mailinglist
Pagetype: Peer reviewed article
Pagetype: Text
Privacy GDPR AVG
status: has conflicts
Status: Needs changes
Status: Needs discussion
Status: Needs review
Status: Ready to merge
Status: Waiting for response
Type: Bug
Type: Enhancement
Type: Question
Usecase: De Stadsbron
Usecase: Koppelting
Usecase: MeetjeStad
Value: Coders
Value: Security
Value: Users
Value: Visitors
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
harmen/hypha#93
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The instructions currently recommend write permissions to the entire hypha root directory. When installing from git, I believe (by now) only write permission to /data is really needed. When installing from a downloaded bundle, write permission to the entire directory is of course still needed.
The hypha.php script should probably make this distinction somehow and require only permissions that are really needed.
On a related note: The instructions should really not recommend doing a
chmod 777except as a last resort. Giving permissions to the webserver is usually possible in a more limited way, though that does depend heavily on the hosting setup used.A related thing is that ideally, no files in
data/should be tracked by git, so the entiredata/directory can be chown'd towww-dataor whatever user, while your normal user can still update git-tracked files normally. This is something to keep in mind when implementing the theme thing we had in mind.