Jump to content
Larry Ullman's Book Forums
Sign in to follow this  
Edward

Assets And Runtime File Permissions

Recommended Posts

I wanted to ask what should the files permissions be for both the Assets and Runtime folder? I have set both of mine to 777 which allows the Yii Application to run. But is this correct?

 

I am working with a new vps server and getting new errors so i may as a few different questions this week.

Share this post


Link to post
Share on other sites

Thanks Jonathon, this is a useful thread and checklist for me to go through. Can i ask what did you set the permissions to on your server for the two folders. The strange thing is i didn't get problem on another server when i uploaded the files but on the new server i am getting an error message showing up, so i had to set it to 777 for the Yii app to run.

 

Seriously i know nothing about servers and this kind of IT technician stuff, i am an Airhead when it comes to this sort of stuff.

Share this post


Link to post
Share on other sites

Okay i am going through problem after problem right now trying to get things running on a server. May be Larry will have a conslusive answer for this problem. It's sad but i may have to end up purchasing the Dummy's Guide to Servers. :( Or Larry, "Can you right a Geek to English book on servers?" Just kidding...hehe!!

Share this post


Link to post
Share on other sites

Mine are set to 755 for every folder by default on my server. But I am looking to update these to make sure they are safe. Looking at the article I wasn't actually sure what the writeable folders and the rest (read only from the webserver) permissions should be.

Share this post


Link to post
Share on other sites

I tried to set mine back to 755 that all my other folders on the server are configured to but got this error again.

 

CException

Application runtime path "/home/edward/public_html/protected/runtime" is not valid. Please make sure it is a directory writable by the Web server process.

Share this post


Link to post
Share on other sites

I set them to 766 and now receive this error

 

PHP warning

 

mkdir() [<a href='function.mkdir'>function.mkdir</a>]: Permission denied

 

I will leave this at 777 for now until i figure out a solution. I have been working on other stuff now like removing the responsiveness from Bootstrap 3. My website is really too big for me alone without working on independent mobile layouts so i just do standard for now. Also i found that if i ever go to eBay or other mobile apps i find them to be crappy and just leave me switching over to the normal site view anyway. I think the responsive crap seems to be a waste of time for sites like Amazon and eBay they don't even work properly or show all the product listings. But if you were using this on the other hand with blogs sites and so i think it would be useful. Sorry for talking a lot I just releasing some of my development pressure.

Share this post


Link to post
Share on other sites

766 is not workin arrggghhh!

 

PHP warning

mkdir() [<a href='function.mkdir'>function.mkdir</a>]: Permission denied

/home/user/framework/utils/CFileHelper.php(307)

295      * @param array $options newDirMode element used, must contain access bitmask296      * @param boolean $recursive whether to create directory structure recursive if parent dirs do not exist297      * @return boolean result of mkdir298      * @see mkdir299      */300     private static function mkdir($dst,array $options,$recursive)301     {302         $prevDir=dirname($dst);303         if($recursive && !is_dir($dst) && !is_dir($prevDir))304             self::mkdir(dirname($dst),$options,true);305 306         $mode=isset($options['newDirMode']) ? $options['newDirMode'] : 0777;307         $res=mkdir($dst, $mode);308         @chmod($dst,$mode);309         return $res;310     }311 }

Is this about the user not having authority to make directories on the server?

Share this post


Link to post
Share on other sites

My server company are struggling with this, the query is now on hold till someone more technical comes in to handle this. Are you sure its 766? They asked me to confirm where i got this information from. I saw some other people on the Yii forums saying 777 but if you put 777 as opposed to 766, then the files are executable by both Group and the World.

 

File Permissions

  • Read - 4
  • Write - 2
  • Execute - 1
  • User - The owner of the file.
  • Group - Other files which are in the same folder or group.
  • World - Everyone else.

I think it may be 776 im just guessing though. Nope just tried it doesn't work either. Arrgghhh its going to be one of these days!

 

Update: Got this fixed for now but server company are not sure if errors could come up again.

Share this post


Link to post
Share on other sites

777 is guaranteed to work, it may just be more open than is necessary. On some systems, 755 could work, on others, 766. Really depends upon the permissions and owners and groups in use. Glad it's working, though!

  • Upvote 1

Share this post


Link to post
Share on other sites

My server company are struggling with this, the query is now on hold till someone more technical comes in to handle this. Are you sure its 766? They asked me to confirm where i got this information from. I saw some other people on the Yii forums saying 777 but if you put 777 as opposed to 766, then the files are executable by both Group and the World.

 

File Permissions

  • Read - 4
  • Write - 2
  • Execute - 1
  • User - The owner of the file.
  • Group - Other files which are in the same folder or group.
  • World - Everyone else.

I think it may be 776 im just guessing though. Nope just tried it doesn't work either. Arrgghhh its going to be one of these days!

 

Update: Got this fixed for now but server company are not sure if errors could come up again.

 

What settings did you use for the 3 folders with write permissions and the others that only needed read out of curiosity.

Share this post


Link to post
Share on other sites

I know of the two folder assets and runtime that need write permissions, i set those at what Larry said at 766 but my server company said there may be problem on other scripts with what they done to achieve this, so i can't confirm this will be stable yet. All my other folders on the server are set as 755 and php files are at 644.

 

So what do you have and what is the third writeable folder we need to be concerned with?

Share this post


Link to post
Share on other sites

I am actually have real problem with 766. Now i am not getting errors with 766 but now the current javascript on the pages doesn't work. Also when i deleted a folder in assets like d99df and cleared all folders out, for some reason the server couldn't write back to that folder with the assets required for Yii.

 

When i changed the folder settings back to 777 it worked again, this mystery doesn't seem to unravel easily like what i thought it would. But i agree with what Larry is saying if we can get it to 766 i would go with that as we don't really need executes on those files and limiting actions would be best by simple common sense.

 

I am now a little concerned for the security of my website.

Share this post


Link to post
Share on other sites

The thing to keep in mind is that the permissions restrict who *on the server* can do what. A 777 doesn't literally mean anyone online can do anything with that folder. Only users with access to the server would be able to manipulate such a folder. Not to be complacent about these permissions but...

  • Upvote 1

Share this post


Link to post
Share on other sites

I think i may have a vision into the future, just before i opened up this forum i just thought exactly as you wrote. Yes only those who have server access would be able to operate on the forum. So that means if we are on a dedicated server or a lower cost Virtual Private Server (VPS) we would be suffice. Suffice it not really a word i like to use(it sounds a bit weird to me) but i saw you and some others using it here so i thought id give it a shot this time. :D

 

Thanks for your help...Larry

 

I think im going to just leave this at 777 because me and my server team are getting problems with it.

 

Talking of a vision into the future i may be slightly wrong on that, it may be that we are all connected to a spiritual grid and its possible that one could connect to another person on the grid telepathically. Like i connected directly to your memory Larry. However there is one problem i need to wait for you to write the post before i can connect to it, haha. Seriously though i am not kidding with you here, something strange happened before i opened this post.

Share this post


Link to post
Share on other sites

I ran into this too and had to chmod them to 777 them. BUT I think the problem might also be related to owner and groups to use anything other then 777. I'm not a Linux hack, but Larry might chime in with more insight, but I can't remember if I changed them www-data:www-data or something like that and less then 777 for the access.

 

I'm just moving stuff to Amazon Web Services and just set a few of the directories to 777 to get things going will experiment with it and if it's anything different then 777 will tell the tail

 

Sandy

  • Upvote 1

Share this post


Link to post
Share on other sites

Thanks for your comments sandy. I think 777 is fine as long as you have a standard VPS this is pretty much the same as a dedicated server so in other words no one can access your files. Also you can validate any files being uploaded with chile manger just check the mimeType of the file and you can be sure what it is.

Share this post


Link to post
Share on other sites

Yes, I don't think it a huge deal. I'm working on AWS and it's not a huge issue as far as I can tell. I have not tried anything other then 777 yet, if I do get some time I'll try other setting but it may be pointless on the VPC :)

 

Sandy

Share this post


Link to post
Share on other sites

I tried everything else including 766 but 777 was the only thing I could get to work. The Php functions need 777 in order to operate. Well glad you could get it to work. I think if you got a VPS everything will be okay.

Share this post


Link to post
Share on other sites

I just got set up with DigitalOcean and am going through this now, I'm working on my server ip and my css folders + assets don't want to display, that being said, I did alter their permissions to 777 and they still won't come through. I'm working to try fix that though. 

Share this post


Link to post
Share on other sites

Let us know if you need any help or have any questions. Please do also share your experience with Digital Ocean (perhaps in another thread). 

Share this post


Link to post
Share on other sites

Thanks Larry

 

I "think" mine was a problem with using my .htaccess file when accessing through the server IP. Although I definately did need to change some permissions and I did end up setting most of my folders like protected and public to 777. I read your point to Edward too about it only being people on that server. It;s only me with access to my own VPS. So I feel like I should still be secure. I hope at least.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...