Search
in english whole site
»
Home·Programming·CSE CMS·How To·Setting permissionsdeutsch·english·français
Contact & CommentsMinimizeHigherLower
» Visitor's comments
» Contact
StatisticsMinimizeHigherLower
» Hits: 13666  (details)
» Distinct visits: 6578 (1.2 Hit/visit)
» Bots visits: 5786 (Hits: 42.3%)
» Your hits in this session: 1
UserEnlargeHigherLower
Setting permissions
There may be some issues related to permissions when using CSE CMS. In particular, while the permissions must be as restrictive as possible from a safety perspective, some features will not work if rather permissive rights are not given to specific folders.

It is important to remember that you (the person installing CSE CMS) are logged under your username on the server when you use FTP, therefore any folder and file you create will belong to you. The scripts are exectued under a different identity (e.g. Apache, Http-user), a "web-user" username. This "web-user" does not have special rights on any file or folder belonging to you!

So for example, if you create a new folder within FTP, this folder will likely have the following rights:
-rwxr--r--
The web-user is not the owner of the file (-rwxr--r--), nor a member of the same group (usually, "registered users" for instance: -rwxr--r--), but is Everybody (-rwxr--r--) and will therefore only have reading rights within this folder.

This is perfectly sufficient to display the content of you website, but by definition does not allow writing, i.e. modifying or creating new documents. This is of relevance in several situations:
  • When specifically creating a file programmatically, such as the thumbnails creation within a gallery,
  • When specifically appending/writing to a file, such as for the statistics, or for leaving comments,
  • When targeting at changing or deleting files using the administrator interface.
Therefore, the following elements must be taken into consideration:
  • Set the rights -rwxrwxrwx = chmod(777) to the folder containing your gallery, then call it once in your browser. The thumbnails are now generated. Revert the rights to -rwxr--r-- = chmod(711) afterwards.
  • Some special folders are available with by the rights by default -rwxrwxrwx, for non-critical documents that must be writeable:
    • /stats/ folder, where statistics and comments are stored,
    • /comments/ folder, where inline coments from visitors are stored,
    • Each plug-in can, within its own project folder, use another folder with writing rights. Do not give writing rights for any reason to the plug-in folder itself, files there are executables!
  • All folders and files that you want to be able to modify from the administration interface must be set to -rwxrwxrwx. This is not recommended, but may be useful e.g. temporarily for a section you are working on during a couple of days. Revert to -rwxr--r-- afterwards.
Made with CSE_CMS, © CSE, 2008-2017