Linux rights for ez template files..

Share » Forums » General » Linux rights for ez template files..

Monday 14 August 2006 7:14:42 am - 3 replies

3 replies

Author	Message
Kristof Coomans	Monday 14 August 2006 9:36:35 am If you're not going to edit the template files from inside the admin interface, then only read rights are necessary. independent eZ Publish developer and service provider \| http://blog.coomanskristof.be \| http://ezpedia.org
K259	Monday 14 August 2006 10:55:51 am But this is really unsecure: -rwxr-xr-x ?
Kristof Coomans	Tuesday 15 August 2006 1:13:31 am If the user your webserver is running as, is also the owner of the template files, then it could be possible that a website visitor modifies/deletes them if there is an exploit in eZ publish which allows him/her to do so. But in normal circumstances, there's no security risk. independent eZ Publish developer and service provider \| http://blog.coomanskristof.be \| http://ezpedia.org

Author

Message

Kristof Coomans

Monday 14 August 2006 9:36:35 am

If you're not going to edit the template files from inside the admin interface, then only read rights are necessary.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

K259

Monday 14 August 2006 10:55:51 am

But this is really unsecure:

-rwxr-xr-x

Kristof Coomans

Tuesday 15 August 2006 1:13:31 am

If the user your webserver is running as, is also the owner of the template files, then it could be possible that a website visitor modifies/deletes them if there is an exploit in eZ publish which allows him/her to do so. But in normal circumstances, there's no security risk.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

You must be logged in to post messages in this topic!

design implementation by Netgen / design by Xvision

Linux rights for ez template files..

Linux rights for ez template files..

Forums menu