Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Would you please take a look into the code (here from 3.0.3.6)!?straightlight wrote: ↑Sun Oct 18, 2020 7:47 pmchown may have been used to enforce CHMOD permissions to be set to 0777 recursively when creating folders on your domain which is highly unrecommended due to security issues this may cause.
filemanager.php (334 & 335):
Code: Select all
mkdir($directory . '/' . $folder, 0777);
chmod($directory . '/' . $folder, 0777);
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
I dont have any chown running on my site.
I have check admin/controller/common/filemanager.php and I see your code you re saying: http://prntscr.com/v1ndn1
I have made a clean installation of OC 3.0.3.6 in a subfolder and still getting 777 at the folder http://prntscr.com/v1o47v .
Thanks
Still in master branch ... never noticed that was there. If everybody OC supporter suggests to use a maximum of 0755 on folders, then this should also be changed ...OSWorX wrote: ↑Sun Oct 18, 2020 8:01 pmWould you please take a look into the code (here from 3.0.3.6)!?straightlight wrote: ↑Sun Oct 18, 2020 7:47 pmchown may have been used to enforce CHMOD permissions to be set to 0777 recursively when creating folders on your domain which is highly unrecommended due to security issues this may cause.
filemanager.php (334 & 335):thx!Code: Select all
mkdir($directory . '/' . $folder, 0777); chmod($directory . '/' . $folder, 0777);
Suggestion now made: https://github.com/opencart/opencart/pull/8781 .
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
0777 since the filemanager.php exists!
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
Me too!straightlight wrote: ↑Sun Oct 18, 2020 11:34 pmYes, I was referring to the 0777 permission setting itself, not the file manager.
It is 0777 since this file was introduced .. and this is many years ago ..
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
I have noticed this too. Can the file be updated to reference the server setting instead?OSWorX wrote: ↑Mon Oct 19, 2020 2:26 pmMe too!straightlight wrote: ↑Sun Oct 18, 2020 11:34 pmYes, I was referring to the 0777 permission setting itself, not the file manager.
It is 0777 since this file was introduced .. and this is many years ago ..
Opencart Hosting Plans, Domain Registration, Microsoft and Google Email and More
Visit our website for great deals and most importantly, fast and friendly support - www.evolvewebhost.com
Lowering the permission level to 0755 would be a simpler task as it is the recommended settings for folders on anyhow.EvolveWebHosting wrote: ↑Mon Oct 19, 2020 9:17 pmI have noticed this too. Can the file be updated to reference the server setting instead?OSWorX wrote: ↑Mon Oct 19, 2020 2:26 pmMe too!straightlight wrote: ↑Sun Oct 18, 2020 11:34 pmYes, I was referring to the 0777 permission setting itself, not the file manager.
It is 0777 since this file was introduced .. and this is many years ago ..
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
0755 is quite a good setting - and recommended.straightlight wrote: ↑Mon Oct 19, 2020 9:27 pmLowering the permission level to 0755 would be a simpler task as it is the recommended settings for folders on anyhow.
But (sorry, as always), it raise another problem, becuase some providers have their servers set to another mask.
I have see nearly everything from 650 to 750 and other figures.
Maybe a check with umask or/and a combination umask with chmod would be useful to use then the correct setting.
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
For most servers, yes. Hopefully the change is made to main downloads.straightlight wrote: ↑Mon Oct 19, 2020 9:27 pmLowering the permission level to 0755 would be a simpler task as it is the recommended settings for folders on anyhow.EvolveWebHosting wrote: ↑Mon Oct 19, 2020 9:17 pmI have noticed this too. Can the file be updated to reference the server setting instead?
Opencart Hosting Plans, Domain Registration, Microsoft and Google Email and More
Visit our website for great deals and most importantly, fast and friendly support - www.evolvewebhost.com
Users browsing this forum: No registered users and 327 guests