[imp] Permissions
Eric Rostetter
eric.rostetter at physics.utexas.edu
Sun Mar 23 18:51:24 PST 2003
Quoting Sasa STUPAR <sasa at stupar.homelinux.net>:
> I have installed Horde 2.2, IMP 3.2.1, Turba 1.1, Nag 1.1, Memo 1.1 .
> How do I set the permissions to the directory horde and all subdirs ?
Generally speaking, they should all be readable by the web server user,
and not writable by the web server user. For unix, this generally means
directories should have sufficient "r" and "x" permissions, and files
have sufficient "r" permissions, and that none should be writable by
the web server.
After you check it and verify that things are okay, you should
probably remove all permissions from any test.php files as they could
provide information to hackers or whatever.
You should also make sure that any other users on your machine, if any,
can't read the config/*.php files as some of these may contain passwords
or other sensitive info. So you may want to make sure your config files
are owned by the web server and have no read access to others.
The above covers only files distributed with Horde and the apps. Others,
such as any cache files, sql database files, etc. must also be properly
secured. I'm not going to cover any of that here however.
> Sasa
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the imp
mailing list