Running ZenCart under PHPsuexec - Page 2

T313C0mun1s7 · July 25th, 2006, 9:18 PM

Quote:

Originally Posted by cowboy

What FTP program are you using? I cannot imagine one that would allow such a security risk. If it has a setting that controls default chmod set it to 755 for folders and 644 for files.

PHP running as CGI (PhpSUexec) will not allow initial creation of group or world write bits, nor, will it allow itself to set either bit after creation.

If you are uploading a tarball and extracting it on the server, it's contents will retain the permissions set at the time of taring.

The security feature of phpSUexec is to allow only the owner of a file to write, so if either group or world has a write bit, the CGI for PHP will halt in its tracks and deliver an error, usually 500. You can add write bits with FTP after file or folder creation, but, phpSUexec will refuse to honor them. That is your protection.

Since CGI needs an execute bit to run a file the apache OPTIONS directive ExecCGI adds an execute bit to all files, making a 644 file in effect 755. (Files pose no problem having a 755 permission.) Folders are not affected by the ExecCGI directive so have to be 755 to start with.

If all of your folders and files are in tact with 777 permissions, you can request support change them for you.

After logging in and doing a long reply with multiquote I was greated with a dialog informing me I needed to log in. So Cowboy - Thank you once again you explained a lot. I will do, and I am using gftp on Ubuntu.

T313C0mun1s7 · July 25th, 2006, 10:38 PM

I was not able to get AbsoluteFTP to do the recursive permissions change. However, I tried SSH shelling in via the shell in cPanel and it worked (Shhhh, don't tell anyone I don't want to loose it) so I did a chmod -R 755 * and tried again. The install script worked this time. Thank you for your help.

P.S. gFTP does not have a setting for default permissions, but it does have one to retain permissions on transferred files. The ZenCart download is not a tar.gz but rather a zip file. So when I unzipped it on my Linux system it most likely did not preserve file permissions and set everything to 777, then when I uploaded it the 777 was preserved and thus set on the server.

July 25th, 2006, 10:38 PM	#11 (permalink)
T313C0mun1s7 Registered User Seasoned Poster Joined in Mar 2006 Hosted on SH95 (72.29.90.43) 49 posts Gave thanks: 4 Thanked 2 times	I was not able to get AbsoluteFTP to do the recursive permissions change. However, I tried SSH shelling in via the shell in cPanel and it worked (Shhhh, don't tell anyone I don't want to loose it) so I did a chmod -R 755 * and tried again. The install script worked this time. Thank you for your help. P.S. gFTP does not have a setting for default permissions, but it does have one to retain permissions on transferred files. The ZenCart download is not a tar.gz but rather a zip file. So when I unzipped it on my Linux system it most likely did not preserve file permissions and set everything to 777, then when I uploaded it the 777 was preserved and thus set on the server. __________________ T313C0mun1s7 PASS65 (72.29.93.65) - Reseller ========================

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)