safe mode, directory permissions, batch add files safe mode, directory permissions, batch add files
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

safe mode, directory permissions, batch add files

Started by plant, January 28, 2006, 02:43:53 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

plant

Hi all,

When I try to batch-add files that I have uploaded to my server, it only works when:
1. Safe Mode is set to Off
2. The directory and files are owned by root. Even when they are owned by 'nobody', the user the server runs at, it doesn't work.

I want my webserver running with safe mode on, and that it is possible to batch add files that are not owned by the webserver (running as 'nobody'). I tried all kinds of configurations and settings (silly_safe_mode, chmods, etc), but I cannot find the 'right way' for php to be configured. I have full control over the server, so changing php.ini is no problem.

Thanks in advance
Bart Friederichs

Joachim Müller

Quote from: plant on January 28, 2006, 02:43:53 PM
it only works when
What happens when "it doesn't work"? Do you get broken thumbails? If yes, change permissions and/or ownership.

Side-note: the coppermine dev team doesn't recommend self-hosting at all.

plant

Hi,

Thanks for your quick reaction, first of all.

"it doesn't work" means that in the directory list, the uploaded directories show up, but I cannot click on them to select them.

Then, there is another problem; if I have the list of photos to be added (the one with the thumbnails and the checkboxes), some thumbnails don't show up (there is nothing, not even a 'this photo is broken' logo of the browser). Those photos will not be added and the message 'Click for details or reload' appears. When I click that link, a blank page appears.

And if you say that you don't support self-hosting, how can professional hosters get to know the host should be configured for Coppermine?

Bart

Joachim Müller

please post a link to your site.

Of course we don't discourage professional webhosts to configure their webservers to run coppermine, but webservers configured properly should be capable to run coppermine out-of-the-box anyway, there are no special settings needed. We discourage self-hosting for non-professionals who can't afford to monitor their servers 24/7, not because coppermine is particularly incesure, but because webservers are. There are a lot of malevolent people wround on the internet, and a whole bunch of silly script-kiddies. With those threats around, we consider hosting to be done by pros only, with special focus on security issues that get discovered all the time. Professional webhosts usually use specially-hardened server setups that close most security vulnerabilities out-of-the-box. "Regular" people who run their own webserver as hobbyists or semi-pros usually don't have the means to install hardened operating systems nor do they have the skills to test them against attacks. Pros usually run Linux/Unix derivates with special, pre-configured interfaces. Amateurs usually make their Windows boxes pose as servers.

plant

The site is at http://www.reizenderakkers.nl/foto.

Our server is Linux, set up with security in mind. It is in a colocating spot with professional support. Time admitting, we try to keep the server up-to-date and we have done serious work getting/keeping the box secure. That is also the reason why I want PHP to run in safe mode.