versioncheck says 755 is an unnecessary risk? versioncheck says 755 is an unnecessary risk?
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

versioncheck says 755 is an unnecessary risk?

Started by Eric Chadwick, January 26, 2008, 06:35:44 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Eric Chadwick

January 26, 2008, 06:35:44 PM
After upgrading from 1.4.12 to 1.4.14, I ran update.php and it finished without errors.

Then I ran versioncheck.php and everything was good except some folders have this warning:

Folder writable
The folder "bridge" is writable. This is an unnecessary risk, coppermine only needs read/execute access.

The offending folders are set 755, so does this mean Owner Write permission is considered a risk? If I changed them to 555 (read/execute only), wouldn't that also prevent the admin (me) from editing these folders?

Nibbler

#1
January 26, 2008, 06:40:23 PM
You don't need to edit them normally. If you do you can just change the permissions temporarily.

Eric Chadwick

#2
January 27, 2008, 07:25:07 PM
Thanks Nibbler.

Hmm, it seems my host is forcing them back to 755. I'll check this out with them, but I'm curious how much of a risk these folders might be?

Joachim Müller

#3
January 28, 2008, 09:31:51 AM
Don't worry: the risk is small. If your webhost has made his homeworks and set up the server properly, shielding the presences on the server against each other, then there is no security risk at all.
Read up Why chmod 777 is NOT a security risk
Print
Go Up Pages1
User actions