<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.E-mailStijl17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=NL link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Hallo,<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Using an FTP-client for changing protection codes, I do not have
the possibility to set the guid bit (I mean chmod 2777) ?!<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>And (my) ftp direct does not have a chmod at all?<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>So that ‘trick’ is not possible for everybody?<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Greetings<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> Peter<o:p></o:p></span></p>
<p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Van:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> pmwiki-users-bounces@pmichaud.com
[mailto:pmwiki-users-bounces@pmichaud.com] <b>Namens </b>James M<br>
<b>Verzonden:</b> dinsdag 23 december 2008 1:39<br>
<b>CC:</b> pmwiki-users@pmichaud.com<br>
<b>Onderwerp:</b> Re: [pmwiki-users] Security breach?<o:p></o:p></span></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<div>
<p class=MsoNormal>On Mon, Dec 22, 2008 at 11:53 PM, DaveG <<a
href="mailto:pmwiki@solidgone.com">pmwiki@solidgone.com</a>> wrote:<o:p></o:p></p>
</div>
<div>
<div>
<blockquote style='border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;
margin-left:4.8pt;margin-right:0cm'>
<p class=MsoNormal>Setting things to 755 is safer than 777. The question is,
will that work<br>
on your site, with your host, with your version of PHP, with the setup<br>
of the webserver you have? I don't know. Easiest way to find out is<br>
after creating wiki.d and uploads, to set them to 755; if you can create<br>
or edit a wiki page through the normal way, then your done.<o:p></o:p></p>
</blockquote>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'>As far as I understand, setting
to 755 won't usually work (and doesn't on my system), unless the server has the
same user id as the owner of the pmwiki directory: with 755 only the user
(owner) has write permission. Pm's suggestion of using the setgid bit is a way
round that. <o:p></o:p></p>
<div>
<p class=MsoNormal>So it seems the correct steps are as follows:<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>1. In the pmwiki directory, type<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>chmod 2777 .<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>(with the dot) - this makes the pmwiki completely open for
the moment, but it has the added effect of using the setgid bit (that's what
the 2 refers to in 2777)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>2. Execute pmwiki.php through your browser. This will
create the wiki.d directory. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>(Suggestion: if you already have a wiki.d directory, rename
it say to xwiki.d. create the wiki.d directory as above and then move all the
files across - there's prbably a better way - but I don't know what it would be
- I think you need the server to be the new owner)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>If you use uploads, then do an upload to create the new
directory (perhaps this can be improved) (and use the same trick as before if
you already have an uploads directory)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>3. Still in the pmwiki directory, type<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>chmod 755 .<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>and that reverts the pmwiki directory to be as it was before
you started. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>The upshot is that the wiki.d (and uploads) directory is now
owned by the server - and the ownership is recorded as "apache" or
"nobody" (it's "apache" on mine) or perhaps something else,
but this magic setgid (set group id) makes sure the server is in the same group
as you (the user), so you can administer the files too. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>Does that make sense? (And is it correct? - I'm not a
unix expert - just a long-time long-in-the-tooth user)<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>James<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>