while changing ezp/settings permission to 400, getting unexpected error.

Previous topic

Developer

Next topic

Author	Message
Romeo Antony	Wednesday 19 January 2011 10:50:59 pm Hi, I was trying to follow one of the suggestions provided in the ez/no forum to secure the ezp installtion by giving only read access to apache user on settings folder and its ini files. After execute chown -R apache:apache settings/ chmod -R 400 settings ezp stopped working and gets unexpected error. I do not know why it keeps failing in my case . To secure the ezp, it is better to give only read access to apach user to setting folder and its ini' files . So that all ini files can be only read by apache . But in my case ezp is only working if I provide read,write,exectue permision to settings folder. Any workaround will be helpfull. I know to give apache write permission to settings folder and its inis is not secure. Only read permission to settings folder will be the best way to secure ezpublish site.?
Bertrand Dunogier	Thursday 20 January 2011 2:42:28 am Where did you see this suggested ? The minimal permission for folders is still 500. 400 means only read, but not execute, and execute for folders manages the right to enter the folder. Without this x permission, the folder's content won't be readable by ezp. Bertrand Dunogier eZ Systems Engineering, Lyon http://twitter.com/bdunogier http://gplus.to/BertrandDunogier
Romeo Antony	Friday 21 January 2011 11:26:04 pm Thanks for the reply Bertrand. Here I have seen the post http://share.ez.no/forums/install-configuration/encrypting-site.ini Thank you for guiding me on right track.

Author

Message

Romeo Antony

Wednesday 19 January 2011 10:50:59 pm

Hi,

I was trying to follow one of the suggestions provided in the ez/no forum to secure the ezp installtion by giving only read access to apache user on settings folder and its ini files.

After execute chown -R apache:apache settings/

chmod -R 400 settings

ezp stopped working and gets unexpected error. I do not know why it keeps failing in my case .

To secure the ezp, it is better to give only read access to apach user to setting folder and its ini' files . So that all ini files can be only read by apache . But in my case ezp is only working if I provide read,write,exectue permision to settings folder. Any workaround will be helpfull. I know to give apache write permission to settings folder and its inis is not secure. Only read permission to settings folder will be the best way to secure ezpublish site.?

Bertrand Dunogier

Thursday 20 January 2011 2:42:28 am

Where did you see this suggested ? The minimal permission for folders is still 500. 400 means only read, but not execute, and execute for folders manages the right to enter the folder.

Without this x permission, the folder's content won't be readable by ezp.

Bertrand Dunogier
eZ Systems Engineering, Lyon
http://twitter.com/bdunogier
http://gplus.to/BertrandDunogier

Romeo Antony

Friday 21 January 2011 11:26:04 pm

Thanks for the reply Bertrand.

Here I have seen the post http://share.ez.no/forums/install-configuration/encrypting-site.ini

Thank you for guiding me on right track.