This section is of importance only to those who use PHP-Nuke under Linux/Unix (this is true for the greater part of PHP-Nuke sites that are hosted by providers, and often also those who test
locally use Linux).
You have already set the right permissions on folders and files during installation (see Section 3.2.3, where you will find a more in-depth treatment of the concept
of file permissions). However, it is a good idea to think about permissions once again, in a security context.
Burzi says that the directories should be assigned a mode of 777, the files a mode of 666, but we may calmly let our PHP-Nuke do its work under more restrictive permissions, as illustrated
below:
-
config.php (666)
-
backend.php (666)
-
ultramode.txt (666)
-
All directories (755)
-
Other files (644)
The files config.php, backend.php, ultramode.txt must have the write permissions because :
-
For config.php editing the preferences we will write this file modifying the text.
-
For the backend and ultramode on the other side, we will write them (in an automatic way) modifying the titles and abstracts of the news.
There is however something particular we have to take into account: if we use modules that upload files in some directories, their permissions wil have to be raised. As an example, consider the
IndyNews module, a non standard module that makes it possible to enclose files and images in articles. The structure of the module is the following:
In the inside of the "indynews" folder the permissions of the folder "media" would have to be 777, due to an override problem, the 777 permissions will have to be imposed on everything that is
below "modules". For this reason, everything that resides in "modules" will be in 777 mode and this could cause a vulnerability. A solution is to move the folder that will have to accommodate the
uploaded files to the outside of the modules folder, even to the document root, changing inside the module all the references to it.
Doing so will leave one single folder in root with permissions set to 777. But you still have to consider the risks associated with such a decision. To quote the phpGroupWare Installation and security HOWTO:
As discussed earlier, having a world writable file in you web root is a rather serious security risk, especially if that file will accept raw user data. It becomes trivial for someone to add php
code or any type of script or cgi code your server supports and execute it on your system. Risk is reduced slightly because it would be executed as the "anonymous" nobody user that apache runs under
but still would allow access to your ...[ed. config.php] and thus your database, as well as access to /etc/* where all sorts of fun and dangerous information could be abused.
Thus, if the upload feature is of utmost importance to you, you are well advised to double-check what kinds of files your users will be allowed to upload - and test any paranoid scenario you can
think of. In case of doudt, it may be safer to disable uploading at the cost of making some users unhappy. Better safe than sory.
