@robocoder opened this Issue on April 7th 2010 Contributor

Brain dump. This is a recurring pain point.

Piwik's Installation system check advises users to "chmod a+w {$dir}". In the forums, the "recommendation" is often to "chmod 777 tmp". These are oversimplifications and generally, bad advice without knowing what the user's environment is (e.g., dedicated vs shared hosting).

My thought is that the installer would check the process id and directory/file permissions.

    $pass = false;
    /*
     * owner is user
     */
    if (posix_geteuid() == getmyuid())
    {
        if (fileperms("tmp") & 0700) == 0700)
        {
            $pass = true;
            if (fileperms("tmp") & 0077))
            {
                $warningMessages[] = 'You may want to restrict "group" and "other" access to the tmp folder';
            }
        }
        else
        {
            $errorMessages[] = 'You don't have sufficient access to the tmp folder; chmod u+rwx';
        }
    }
    /*
     * member of group
     */
    else if (posix_getegid() == getmygid())
    {
        if (fileperms("tmp") & 0070) == 0070)
        {
            $pass = true;
            if (filepermis("tmp") & 0007))
            {
                $warningMessages[] = 'You may want to restrict "other" access to the tmp folder';
            }
        }
        else
        {
            $errorMessages[] = 'You don't have sufficient access to the tmp folder; chmod g+rwx';
        }
    }
    /*
     * other
     */
    else if (fileperms("tmp") & 0007) == 0007)
    {
        $pass = true;
        $warningMessages[] = 'Consult your sysadmin or hosting provider. This may not be secure in some shared hosting environments.';
    {
    else
    {
        $errorMessages[] = 'You don't have sufficient access to the tmp folder; chmod a+rwx tmp'
    }

Keywords: outofscope

@mattab commented on April 7th 2010 Owner

anthon, what is the issue that users are having exactly regarding the "chmod 777 tmp" suggestion?

I would be concerned issuing an error when it seems like it would be "good practise" advice?

@robocoder commented on April 8th 2010 Contributor

Maybe I'm overthinking it. (Like I said, "brain dump".) But the forum has many topics/posts re: chmod -- which tells me the there's room for improvement.

@mattab commented on September 17th 2011 Owner

I think it looks too complicated, but there are opened tickets to fix for the same issue: #1590, #1833

in the messages should we suggest chmod 775 instead or 755?

This Issue was closed on September 17th 2011
Powered by GitHub Issue Mirror