Re: installing joomla

On 09/14/2013 10:51 PM, Tim wrote:
> Allegedly, on or about 14 September 2013, Roger sent:
>> There is some belief that /var/www/html is sacrosanct.
> More to the point is that you don't let a world-accessible server have
> write access to files, willy-nilly.  Likewise if it's not actually
> "world" accessible, but still widely accessible within a LAN.  If it's
> possible for Apache to write to the webspace, because it's foolishly
> owned by the apache user, your system is just ripe for being exploited.
>
>> It does not matter which directory you use, you still have to have user
>> ownership and suitable permissions in some form.
> Yes, and "suitable" permissions are not allowing the server software to
> own the files.  Never having experienced the problem doesn't mean that
> it's not there, or that you're not vulnerable.  It's a very bad habit to
> form, and hard to break once people start forming bad habits.  The fact
> that some website may advocate doing dumb things, doesn't make them good
> advice.  The internet is full of silly things, with the blind leading
> the blind down the garden path, and over the edge of the cliff.
>
>> - Setting up Joomla, Drupal or the like cannot be done unless one is
>> root.
>> - One has to be root not sudo root.
> Nothing particularly unusual there, it's damn sensible that to "set up"
> software, one has to have such privileges.  Not a good idea if they have
> to maintain such high privileges to "use" the software once installed.


Could we perhaps discuss how to get those CMSs working without the dangerous ownership and permissions aspects? I have tried for years and not solved it. I think it's mainly because they are meant to work on ISP servers where someone else controls security.

Setting up as root doesn't happen on a live server, I think because each user has their own chunk of space. I have not found a way to do that in a home sandpit except to create a new user and install into there, but the permissions and ownership problems remain.

I am open to any help and would greatly appreciate understanding on solving this.
Roger
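
An added example, not part of the original message or of any project named in it: a shell audit that lists every path under a web root that the server account could modify, which is the condition Tim warns about. The function names are hypothetical, and the `apache` group name in the usage comment is an assumption (the thread names only the apache user and /var/www/html).

```shell
#!/bin/sh
# Added example (not from the thread). Assumes file names contain no newlines.
# Usage: audit_webroot DIR SERVER_USER SERVER_GROUP
#   e.g. audit_webroot /var/www/html apache apache   (group name is an assumption)
# Prints one line per path the server account is able to modify.
audit_webroot() {
    dir=$1; user=$2; group=$3

    # 1. Owned by the server account: it can rewrite or chmod these at will.
    find "$dir" -user "$user" | sed 's/^/OWNED /'

    # 2. Writable through the server's group. Symlink modes carry no meaning,
    #    so symlinks are skipped here and in the next check.
    find "$dir" ! -type l -group "$group" -perm -0020 | sed 's/^/GROUP-WRITABLE /'

    # 3. Writable by everyone, which includes the server account.
    find "$dir" ! -type l -perm -0002 | sed 's/^/WORLD-WRITABLE /'
}

# Exit status 0 when nothing is flagged, non-zero otherwise,
# so the check can gate an install or deploy step.
webroot_is_clean() {
    [ -z "$(audit_webroot "$@")" ]
}
```

Run it as a user who can read the whole tree; an empty result means the server account can read the site but cannot change it.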

