[TYPO3] Fileadmin got hacked
Christopher
bedlamhotel at gmail.com
Mon Jan 30 17:23:41 CET 2006
Hi Robert,
On 1/30/06, Robert Markula <robert.markula at gmx.net> wrote:
> Dmitry Dulepov wrote:
> > User:group should be yourusername:webservergroup. Probably it is already set.
> > Permissions for fileadmin should be rw-rw-r (664). Same for uploads, typo3conf,
> > typo3temp.
> >
> > Dmitry.
>
> I read the core documentation about permissions. However, I run into a
> problem, because both owner and group are user:user. So if I want to
> have write access to the fileadmin folder, I would have to set chmod
> 777, otherwise I cannot upload files from the backend. Same for
> typo3conf/, uploads/ and typo3temp/.
> Any suggestions?
>
Ask your host's support dept to change the group of the affected files
to 'nobody' (or whatever the webserver's usergroup is).
@Dimitry: am I wrong or is 664 insufficient permissions? Seems to me
that 775 must be necessary in these directories--the scripts need to
execute as well, no?
-Christopher
More information about the TYPO3-english
mailing list