Linux rights for ez template files..

« 
Previous topic
|
General
|
Next topic
 »
Author Message

K259

Monday 14 August 2006 7:14:42 am

Which rights are needed to have for my tpl's under design/x/override/templates/node/view/..
I want the site to be secure.

-rwxr-xr-x
or
-rwxr--r--

K

Kristof Coomans

Monday 14 August 2006 9:36:35 am

If you're not going to edit the template files from inside the admin interface, then only read rights are necessary.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

K259

Monday 14 August 2006 10:55:51 am

But this is really unsecure:

-rwxr-xr-x

?

Kristof Coomans

Tuesday 15 August 2006 1:13:31 am

If the user your webserver is running as, is also the owner of the template files, then it could be possible that a website visitor modifies/deletes them if there is an exploit in eZ publish which allows him/her to do so. But in normal circumstances, there's no security risk.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org
Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.