[TYPO3-dev] TYPO3 and default filesystem rights
Michael
typo3ml at schams.net
Thu Apr 5 15:09:11 CEST 2012
On 05/04/12 22:49, Philipp Gampe wrote:
>> Ok, then it's 775, but is there a reason, why TYPO3 is not already
>> configured that way?
>
> Because even that is more then needed. Actually the webserver is the one
> that is important.
[...]
> In general you should never allow world to write. In most case you do not
> even want world to read.
> If you set your setup to 777, then everybody on your server can read and
> write to any of your files, including configuration files.
Some more generic explanations about this topic can be found in the
official TYPO3 Security Guide (chapter "Guidelines for System
Administrators", subsection "File/directory permissions"):
http://typo3.org/extensions/repository/view/doc_guide_security
Cheers
Michael
More information about the TYPO3-dev
mailing list