Topic: versioncheck says 755 is an unnecessary risk? (Read 5007 times)

Eric Chadwick · « **on:** January 26, 2008, 06:35:44 pm »

After upgrading from 1.4.12 to 1.4.14, I ran update.php and it finished without errors.

Then I ran versioncheck.php and everything was good except some folders have this warning:

Folder writable The folder "bridge" is writable. This is an unnecessary risk, coppermine only needs read/execute access.

The offending folders are set 755, so does this mean Owner Write permission is considered a risk? If I changed them to 555 (read/execute only), wouldn't that also prevent the admin (me) from editing these folders?

Nibbler · « **Reply #1 on:** January 26, 2008, 06:40:23 pm »

You don't need to edit them normally. If you do you can just change the permissions temporarily.

Eric Chadwick · « **Reply #2 on:** January 27, 2008, 07:25:07 pm »

Thanks Nibbler.

Hmm, it seems my host is forcing them back to 755. I'll check this out with them, but I'm curious how much of a risk these folders might be?

Joachim Müller · « **Reply #3 on:** January 28, 2008, 09:31:51 am »

Don't worry: the risk is small. If your webhost has made his homeworks and set up the server properly, shielding the presences on the server against each other, then there is no security risk at all.
Read up Why chmod 777 is NOT a security risk

News:

Author Topic: versioncheck says 755 is an unnecessary risk? (Read 5007 times)

Eric Chadwick

versioncheck says 755 is an unnecessary risk?

Nibbler

Re: versioncheck says 755 is an unnecessary risk?

Eric Chadwick

Re: versioncheck says 755 is an unnecessary risk?

Joachim Müller

Re: versioncheck says 755 is an unnecessary risk?