[HacktionLab] Wordpress file permissions and ownership: command line versus dashboard
Andy S
andys at bristolwireless.net
Wed Apr 2 07:47:20 UTC 2014
My advice would be that if plugin contributor doesn't understand what the
correct file permissions need to be or how to set them, should they really
be contributing potentially dangerous code/plugins to run on your WP
install?
Either way, http://wordpress.org/plugins/user-role-editor/ makes it easier
to edit/add/fine tune user roles/permissions/groups and this Stackexchange
thread advises on the typical perms to use:
http://stackoverflow.com/questions/18352682/correct-file-permissions-for-wordpress
(disclaimer: I haven't used WP as an admin so maybe don't know what I'm
talking about!)
A
On 2 April 2014 09:11, Mick - Clearerchannel.org <
mickfuzz at clearerchannel.org> wrote:
>
> On 01/04/14 22:57, Marcus Valentine wrote:
> > Say the user has written their own wordpress plugin. It needs to go
> > into plugins directory. They can't put it into the plugins directory
> > themselves as the files as owned by the web server user and the user
> > does not have root access.
> I've come across this before and wondered the same question.
>
> Then I thought, if you have a user that you wouldn't want to have root
> access you probably wouldn't want to give them access to run plugins on
> your server and would want to check them out first.
>
> If fact I've got a similar situation now - I'd like a group to be able
> to log in with a GUI tool and take a back up before before doing their
> upgrades. But I'm wondering if they would have read access to all files.
> to do that.
>
> The alternative is to give root access via a shell but that's a steep
> learning curve.
>
> nice one
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
--
*http://www.bristolwireless.net/* <http://www.bristolwireless.net/>* | **0117
325 0067 | **sip:info at bristolwireless.net <sip%3Ainfo at bristolwireless.net>*
*Bristol Wireless*
* Windmill Hill City FarmPhilip StreetBedminsterBristol BS3 4EA*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.aktivix.org/pipermail/hacktionlab/attachments/20140402/4494bd5a/attachment.html>
More information about the HacktionLab
mailing list