Hi, can you clarify:
Until now I was sure that 777 (whole world writable) permissions for files or folders are a big no-no, a security hole.
After I started looking for an easy (way easier than Drupal) CMS, that will allow to add content without linking new pages manually in the old pages (download-edit-upload each time), it seems that there is an unadvertised feature common if not for all, then for many of php CMS: absolute must of 777 permissions for some files, otherwise the system will not work.
No matter how to call 777: whole world writable or server writable.
Much more people are on shared hosting than having a personal server, equally much more with only basic knowledge, just enough to create and manage hobby or interests website. Helping me here, you help many others just like me.
I spend insane amount of time on try before install website for open source Content Management Systems, selecting the easier and very secure systems, according to feedbacks, only to find few days later that any of them requires 777 level of permissions.
Am I mistaken or any CMS, php based, will require at least one 777 for operating?
If this is still a big security hole, how people work around this problem?
Thanks.
Until now I was sure that 777 (whole world writable) permissions for files or folders are a big no-no, a security hole.
After I started looking for an easy (way easier than Drupal) CMS, that will allow to add content without linking new pages manually in the old pages (download-edit-upload each time), it seems that there is an unadvertised feature common if not for all, then for many of php CMS: absolute must of 777 permissions for some files, otherwise the system will not work.
No matter how to call 777: whole world writable or server writable.
Much more people are on shared hosting than having a personal server, equally much more with only basic knowledge, just enough to create and manage hobby or interests website. Helping me here, you help many others just like me.
I spend insane amount of time on try before install website for open source Content Management Systems, selecting the easier and very secure systems, according to feedbacks, only to find few days later that any of them requires 777 level of permissions.
Am I mistaken or any CMS, php based, will require at least one 777 for operating?
If this is still a big security hole, how people work around this problem?
Thanks.
