I think we should give Permissions topic very serious though. I
believe we'll be better of without requiring before installation 777
(worldwide) permissions on themes/ folder in particular.
I came across this more and more that people forget to turn them off
and in some cases it can lead to a security issue.
What others think on this?
Thanks.
--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.
1. NOT to require 777 during the installation + adjust toos/
fix_perm.sh script (to exclude themes/)
2. Somehow indicate on Design and File editing Modes that currently
theme is Read-Only and permissions needs to be changed.
All this would be done to tighten up the security.
Let me know what you think?
DA.
On Jan 20, 2:17 am, Alexander Obuhovich <aik.b...@gmail.com> wrote:
> Permission to write into "themes" folder wan't required before 5.0.0
> version. The only reason for it is "Design Mode" during site browsing. In
> that mode administrator can drag-n-drop sideboxes/content boxes on pages to
> get desired layout and edit template contents using nice editor with
> HTML/In-Portal tags highlighted. Without that write permission all such
> operations will fail with error, that they can't save changes, that user
> have made.
>
>
>
>
>
> On Wed, Jan 20, 2010 at 4:40 AM, Dmitry A. <dandre...@gmail.com> wrote:
> > Hey guys,
>
> > I think we should give Permissions topic very serious though. I
> > believe we'll be better of without requiring before installation 777
> > (worldwide) permissions on themes/ folder in particular.
>
> > I came across this more and more that people forget to turn them off
> > and in some cases it can lead to a security issue.
>
> > What others think on this?
>
> > Thanks.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "In-Portal Bugs Team" group.
> > To post to this group, send email to in-port...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > in-portal-bug...@googlegroups.com<in-portal-bugs%2Bunsubscribe@go oglegroups.com>
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.