Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Permissions Changed?  (Read 3260 times)

0 Members and 1 Guest are viewing this topic.

TheKog

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 32
Permissions Changed?
« on: March 14, 2005, 06:12:05 pm »

I am trying to figure how or if my albums/edit directory got hacked. Everything has been fine for quite sometime, then I started getting warnings about permissions when uploading files. I traced the problem to my edit directory -- somehow the owner got changed to 'nobody' and the permissions set to 666.

The only thing that has occured from my perspective is an upgrade from phpBB 2.0.11 to 2.0.13 -- I am bridged to phpBB using the default bridge. Any ideas as to how this happened?

I reset everything and CPG is fine but I am a bit nervous about how this happened.

Thanks in advance,
Mike
Logged

Nibbler

  • Guest
Re: Permissions Changed?
« Reply #1 on: March 14, 2005, 06:24:01 pm »

There has already been ample discussion about this issue on the boards, but to sum it up briefly..

The edit directory can accidently get moved in 1.3.x during uploading files and has to be re-created by coppermine. When this happens the new folder is owned by the server and not by you. This is not a security problem. If you want to know more try search the board for edit, folder, disappeared etc.
Logged

TheKog

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 32
Re: Permissions Changed?
« Reply #2 on: March 14, 2005, 10:42:05 pm »

Thanks Nibbler, I found where to fix the 666 in picmgmt.php, but what none of the related posts discussed is why the Edit subdir keeps getting recreated. This is a first for my installation.

Thanks,
Mike
Logged
Pages: [1]   Go Up
 

Page created in 0.02 seconds with 21 queries.