Task #57354
Task #52668: Install Tool: Remove permission checking and fixing code from "folder structure"
Default file permissions recommendation schould be 0665 instead of 0660
| Status: | Resolved | Start date: | 2014-03-26 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assigned To: | - | % Done: | 100% |
|
| Category: | Install Tool | Spent time: | - | |
| Target version: | next-patchlevel | |||
| TYPO3 Version: | 6.2 | Complexity: | ||
| PHP Version: | Sprint Focus: |
Description
The new install tool recommends file permissions 0660 for setting "BE/fileCreateMask". But 0660 doesn't work (at 1und1 server), 0665 works fine.
Same issue for "BE/folderCreateMask": the install tool recommends 2770, but only 2775 works.
If I set the recommended file permissions (screenshot is attached), you can't load the images via browser (Error 403 - Forbidden).
Associated revisions
[TASK] Release file and folder permission check
This patch changes the warnings to a notices if files or folders are
readable for anyone. This improves usability for users on
non-restrictive systems as 1und1 servers.
Resolves: #57354
Releases: 6.2
Change-Id: Ic9eba030647e837694331d394d45dc1553c0cdf5
Reviewed-on: https://review.typo3.org/28917
Reviewed-by: Ernesto Baschny
Tested-by: Ernesto Baschny
History
#1 Updated by Jan Radecker over 1 year ago
0665 may work but it is wrong. Normal files do not need nor should have execute permission.
0664 would be right.
#2 Updated by Markus Hölzle over 1 year ago
You are right, the permission 0664 and 2774 also works fine
#3 Updated by Gerrit Code Review over 1 year ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/28917
#4 Updated by Jan Radecker over 1 year ago
2774 for directories is also wrong. 2775 was fine.
Please read [[http://de.wikipedia.org/wiki/Unix-Dateirechte#Oktalnotation]]
#5 Updated by Ernesto Baschny over 1 year ago
- Status changed from Under Review to Needs Feedback
- Target version set to next-patchlevel
- Parent task set to #52668
Recommended is "0660 and 2770", because world readable files is not something we should recommend for security reasons.
The "shipped defaults" are still "0664" and "2775" because it works on every setup (like 1and1).
So one idea might be to explain this a bit better to new users which are just using the defaults and wondering why they are not recommended:
- if you are running with the "defaults" (0664 and 2775), we should not issue a Warning but a Notice instead (no "2" red badge in the Install Tool).
- the Notice in the screen should then inform that you are using the defaults, which is fine, but for security reasons you should consider 0660 and 2770, but being aware that it might not work with every hoster.
What do you think?
#6 Updated by Gerrit Code Review over 1 year ago
- Status changed from Needs Feedback to Under Review
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/28917
#7 Updated by Frans Saris over 1 year ago
I'm also for changing it from warning to notice. The warning results in a message in the system report email.
#8 Updated by Gerrit Code Review over 1 year ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/28917
#9 Updated by Markus Hölzle over 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 0d82969b2b4dcd0dcb45db65ff2e680c7923bd11.