At several points, this page suggests using recursive "chmod 777". In fact, it almost demands it, with dire warnings that not doing so will break things.
This is convenient advice, but it's also bad advice from a security standpoint. The files need to be given permission such that the web server user can write to them, but mode 777 means any user on the system can do so.
On a server where you don't have exclusive access, this is obviously a horrible idea, since any other user could overwrite your config.php, perhaps with malicious code. And it's also a bad idea even if you are the only user on the system, because it makes it easier someone who has broken into the machine (perhaps through another service, like ftp) but hasn't yet gotten root access to at least mess with your gallery data (and probably get web server access privs).
I understand the desire for simple instructions, but there should at least be a huge warning flag here. Mattdm
If you would so kind as to explain to us how users on hosted systems that don't run phpsuexec or something similar, can set the permissions we would be happy to update the docs h0bbel 10:01, 17 January 2006 (PST)
It depends on the configuration of the server. On some, there will be a group which is shared by the web server and by you alone, in which case you should change the files to be owned by that group and be group writable. This is handy, because that exactly expresses what you want. However, this only works on a server with a limited number of users, since under many Unixes (but not recent Linux; possibly not others as well -- I haven't kept up) a given user (in this case, apache) can't be a member of more than a few dozen groups.
On others (for example, Pair Networks as explained here http://www.pair.com/support/knowledge_base/the_basics/file_permissions.html) users are all in the same group "users" but Apache isn't, so you should make files mode 707 -- accessable to you, not by other members of group "users", but accessable by everyone else, including Apache. This second isn't as good as the first, but probably more common, and keeps random other people from hijacking your site, leaving the main risk that compromise of some other server account will allow access to your files -- hopefully, that won't happen.
In any case, all the documentation shouldn't assume the worst possible case -- it should give instructions for a good setup, and then say "if you're stuck with a hosting situation which doesn't allow a safe installation...."
Mattdm 19:14, 22 January 2006 (PST)
