must it be 777? must it be 777?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

must it be 777?

Started by tumnus, January 03, 2005, 08:00:37 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

tumnus

Hiya. I've just gone through the arduous and boring task of re-uploading and re-filling a client's coppermine gallery. I admin it, and he does the uploads.
Last week though, all the folders in his gallery with 777 permissions have been utterly cleared out.
My ISP is getting back to me with the server logs, but is there any means by which i can avoid this is future?
must it be 777?

and anyway, i presume the average http user wouldn't know how to do this, right?
Be kind, man. Don't be mankind.

kegobeer

There's a good post on simplemachines.org about permissions, and I believe GauGau has posted the link to it in one of his recent posts.  This sounds like an "inside job", and in that case permissions wouldn't really matter.  If your ISP didn't upgrade to 4.3.10 and fell victim to the latest worm, permissions also won't stop that.  However, depending on server setup, 755 works just fine.
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

tumnus

#2
hmmm.... it's curious, as other little scripty bits on the server (outside of the cpg folder) which are 777'd seem fine.
It's all a bit daft, really... the gallery was only started and it's owner & i are the only users. he's not even an admin.
the whole albums dir was empty, with not even user folders inside too. It even happened to his private cpg elsewhwere on the server which nobody ever goes to. sounding wormy still?
we'll see what goes on when they dig me up the logs. in the meantime i'll 755 things and we'll see how it goes.

station

btw, how would i check if my isp does have 4.3.10? telnet?
Be kind, man. Don't be mankind.

Tranz

In coppermine Admin Tools, there is a link to phpinfo.

tumnus

what, am i looking at the bit that says
system: Linux server10.****.com 2.4.20-27.7smp #1 SMP Thu Dec 11 14:50:55 EST 2003 i686

...or another field?
Be kind, man. Don't be mankind.

Tranz

It's the part right above that says PHP Version.

tumnus

it does have 4.3.10. but is the date in the previous string the date it was updated?
this gallery downing may have happened earlier than that...
Be kind, man. Don't be mankind.

Tranz

I have host accounts on 2 servers and the Build Date corresponds with the dates the webhost said they updated PHP on the server.

Nibbler

The date is when the linux kernel being used was compiled, and is 2003, so long before the losses occured I would have thought.

Tranz

Just to clarify, the Build Date is in the row below the line mentioned above.

tumnus

oh, 2003, but of course. thanks....

i'll have to see what the logs dredge up
Be kind, man. Don't be mankind.