Concerned about loose file modes on installation files
13 views
Skip to first unread message
Douglas Goodall
Dec 9, 2016, 1:24:34 PM12/9/16
to ICEcoder
I successfully installed ICEcode 5.7 today on CentOS 7 and it seems to be working. I am however concerned about the protection level of the installed files.
Normally I run cgi scripts as 755 so they can only be modified using the owner userid.
Am I needlessly concerned about the vulnerability? Or is this ok for some reason I don't understand yet?
Thanks,
Doug
Normally I run cgi scripts as 755 so they can only be modified using the owner userid.
Am I needlessly concerned about the vulnerability? Or is this ok for some reason I don't understand yet?
Thanks,
Doug
Matt Pass
Jan 26, 2017, 8:15:10 AM1/26/17
to ICEcoder
Sorry for the delay in replying. The dirs.mentioned need to be writeable by PHP - which can be done by changing the permissions or ownership, the latter you're right - is often seen as a better solution.
Thanks
Matt
Reply all
Reply to author
Forward
0 new messages