Re: re[2]: [Phpwebsite-developers] Security

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Sun, 2003-02-16 at 14:08, Geoff Staples wrote:
> There are two scripts. But, they both require shell access which many
> people don't have.

Geoff,
PhpWebSite has always required shell access to install. I think this is
a fairly standard requirement for installing a CMS.

    c m s I n f o . o r g
    http://www.cmsinfo.org/

> Yes, I did look at security.txt. Here's the relevant portion (which I
> quoted in my post):
<snip>
> As I mentioned, there is user, owner, and group read, write, and
> execute. I looked at the shell script and it appears that these items
> should be set to 777 (read, write, execute access for everyone). But,
> even though that's what the shell script says, that doesn't seem right
> to me.

It is if you don't have root access, or know someone (hosting admin)
that does.

    Note: only a few directories and on file are given world writable
    settings using the NONROOT_secure_phpws.sh.

        chmod 777 ../.htaccess
        chmod -R 777 ../images/
        chmod 777 ../conf/branch/

-- 
Mike Noyes <mhnoyes @ users.sourceforge.net>
http://sourceforge.net/users/mhnoyes/
http://leaf-project.org/  http://sitedocs.sf.net/  http://ffl.sf.net/