LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 04-08-2010, 08:58 PM   #1
oznola
Member
 
Registered: Mar 2010
Location: las vegas, nv
Distribution: debian etch, kubuntu, mac osx 10.51, vista
Posts: 65

Rep: Reputation: 15
Cool what are the results of 664 permisions?


hi,

i am trying to set permissions on my wordpress install such that the wordpress admin can write to the files and directories in the wordpress tree. otherwise i have to do all the things wordpress does automatically by hand with vi.

of course i would like to have permissions set as precisely as possible for security.

at present the files are set to 644 (-rw-r--r--). my plan is to change permissions to 664 (-rw-rw-r--) using chmod. ie "chmod -r 664 ./wordpress".

please advise.
 
Old 04-08-2010, 11:12 PM   #2
mweed
Member
 
Registered: Mar 2006
Posts: 33

Rep: Reputation: 17
To answer your question setting mode 664 may or may not allow apache to write. You will most likely need to chgrp the files to apache as well.

In general it is a bad idea to allow apache to write in the document root, but unfortunately as you see wordpress requires it. I manage linux servers for customers of all sizes from VPSes to 200+ machine installs. I only manage the OS level. They manage the apps. The single biggest exploit vector I see is due to web apps, and the most commonly exploited is wordpress. Sorry for the tangent, but my point is don't just start changing permissions until it works. Google and read a few articles on securing wordpress. Know how and what need exactly which permissions before relaxing file permissions on the server. And be extra vigilant on keeping wordpress updated.
 
1 members found this post helpful.
Old 04-09-2010, 12:00 AM   #3
oznola
Member
 
Registered: Mar 2010
Location: las vegas, nv
Distribution: debian etch, kubuntu, mac osx 10.51, vista
Posts: 65

Original Poster
Rep: Reputation: 15
ty mweed,

i will go slow and do some homework as you advise. chgrp is a good idea i had overlooked.
 
Old 04-09-2010, 12:07 AM   #4
kainosnous
Member
 
Registered: Mar 2010
Location: Tennessee, USA
Distribution: Arch, Fedora
Posts: 59

Rep: Reputation: 18
As the previous post hinted, you will also need to make sure that the files are in Apache's group (apache on some distros, httpd on others, it's in httpd.conf). You might also want to note whether or not Apache has x on the directories too. IIRC, the recursive option for chmod is -R and not -r.

To the previous poster: Is there a list you could recommend of wordpress vulnerabilities and how to properly secure them? Is it more of a problem from the PHP or the MySQL?
 
Old 04-09-2010, 12:36 AM   #5
oznola
Member
 
Registered: Mar 2010
Location: las vegas, nv
Distribution: debian etch, kubuntu, mac osx 10.51, vista
Posts: 65

Original Poster
Rep: Reputation: 15
here is a link to a recent post in the wordpress forum describing how mysql was exploited. if you scroll down you will see a few links a moderator recommended reading to prevent it from happening again...

http://wordpress.org/support/topic/385477?replies=43

i am not sure where to begin with what groups should be considered. but apache and httpd. thanks
 
  


Reply

Tags
wordpress


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba 'force create mode = 664' ignored (RHEL 5) hillersa Linux - Server 2 03-25-2009 06:34 AM
chmod 777 664 zerocool22 Linux - Server 7 06-03-2008 06:58 AM
chmod 775 to only the directories and chmod 664 to only the files? apachenew Linux - Security 6 09-27-2007 03:26 PM
howto chowto change file permisions in multiplhange file permisions in multiple dirs? pingvina Linux - Software 3 01-13-2006 03:10 PM
set block device 664 always shanenin Linux - Software 2 08-08-2005 10:41 AM


All times are GMT -5. The time now is 02:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration