Hi! Assuming that your web server's user name is apache and group name is too apache...
Darko Jr. Gonzalez wrote: > I downloade Source with Dummy site ZIP 4.1.3. What are the exact best > permissions security wise for the folders and files? > 1. I read install.txt within the zip file - states that I have to set > 777 or 755 to /typo3temp, /typo3/temp/, /typo3conf/localconf.php These instructions are quite bad actually... Inside web site root you should do: chown -R root:apache fileadmin uploads typo3temp typo3conf chmod -R g+w fileadmin uploads typo3temp typo3conf chmod -R o-w * > 2. I read typo3 security cookbook 0.5, the section for File System > Rights defines: > - Revoke all write privileges for the webserver account to typo3_src > folder. How do I learn whats the webserver account? What are exact > permission for this folder? Inside typo3 source folder (this is where you unzip typo3_src package): chown -R root:root * chmod -R typo3_src go-w * Note you should have typo3_src packages unzipped to a separate location, not to web site root. Then you should symlink (see "man ln") certain folders and files to web site root. > - set ownership and umask in htdocs to appropriate values (differs for > the various subdirectories). Where do I learn what do I need to set > for each folder and it's subdirectories? The above command make it for typo3. If you installa something else (like Coppermine gallery or phpMyAdmin), you have to check documentation for those products. -- Dmitry Dulepov TYPO3 freelancer / TYPO3 core team member Web: http://typo3bloke.net/ Skype: callto:liels_bugs _______________________________________________ TYPO3-english mailing list [email protected] http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
