Question. It seems the advice given for the "Backup" directory is to change the permissions to 777. I've managed to get it working using 773 (removing public read access).
I have two questions...
1) Is there any way we can make whatever user WP Database uses part of a group so that public has no access whatsoever to that directory?
1) Is there any way we can make whatever user WP Database uses part of a group so that public has no access whatsoever to that directory?
It depends on how your server is set up. The plugin is acting as PHP, and if that means it's the same user as the server itself, such as Apache, you would be denying it read access as well.
2) Isn’t 777 a huge security vulnerability?
Why do you say that? What scenario do you have in mind?
Why do you say that? What scenario do you have in mind?
My understanding of 777 is that it allows anyone to perform said actions (read, write, execute). Which to me means that 1) They could load and run malicious scripts/whatever. And 2) they would be able to download one of my database backups. And thus have access to the sensitive information contained.
I do not store my database backups in that folder. But they are stored there temporarily during the backup process, which to me is a security vulnerability if someone has access.
I don't presume to be a security expert, and I wouldn't advise anybody to do something that he or she feels is insecure. However, here are a few reasons why I don't think making the backup directory world-writable is too great a concern.
* No one should know the path to the backup directory, as it's a hash unique to your database password.
* If someone were to have the kind of access that listed your site's directories, they're likely going to be able to dump your database directly anyways.
* With safe_mode on, a malicious script could not operate on a file with a different owner; if the person planting the malicious script could set the appropriate ownership, directory permissions wouldn't be much of an issue.
* The backup folder has no scripts that are part of or included by WordPress, so there's no danger of someone modifying a core file.
* Backup files should be in the backup directory only for the minute or so it takes to create and download/email them.
* Making a directory world-writable for uploads seems to be a common practice.
Question. It seems the advice given for the "Backup" directory is to change the permissions to 777. I've managed to get it working using 773 (removing public read access).
I have two questions...
1) Is there any way we can make whatever user WP Database uses part of a group so that public has no access whatsoever to that directory?
2) Isn't 777 a huge security vulnerability?
My understanding of 777 is that it allows anyone to perform said actions (read, write, execute). Which to me means that 1) They could load and run malicious scripts/whatever. And 2) they would be able to download one of my database backups. And thus have access to the sensitive information contained.
I do not store my database backups in that folder. But they are stored there temporarily during the backup process, which to me is a security vulnerability if someone has access.
I don't presume to be a security expert, and I wouldn't advise anybody to do something that he or she feels is insecure. However, here are a few reasons why I don't think making the backup directory world-writable is too great a concern.
* No one should know the path to the backup directory, as it's a hash unique to your database password.
* If someone were to have the kind of access that listed your site's directories, they're likely going to be able to dump your database directly anyways.
* With safe_mode on, a malicious script could not operate on a file with a different owner; if the person planting the malicious script could set the appropriate ownership, directory permissions wouldn't be much of an issue.
* The backup folder has no scripts that are part of or included by WordPress, so there's no danger of someone modifying a core file.
* Backup files should be in the backup directory only for the minute or so it takes to create and download/email them.
* Making a directory world-writable for uploads seems to be a common practice.
Thanks for the explanation. At least I feel more comfortable using it now.
RSS feed for this topic
Reply
You must log in to post.