Hi Ted, On 05/31/2013 10:46 PM, Ted Byers wrote:
Can someone explain to me how one reconciles the ownership and permissions requirements for updates with those for ensuring system security, and what series of commands I should enter to put that into effect (relating that to the documentation of chown and chmod, would help me understand the how of it, if you don't mind).?
first of all, I do not use WordPress on a productive system, so others may be able better to point you to some nice documentation. However, I can try to explain the principle. On your Linux server, the webserver is run by a dedicated user account. For static web pages, it is sufficient that this apache user can read the files. In such an environment, you would usually upload the files with your own user account, and set the permissions on these files so that the apache can read, but not write them. Instead of the numeric values in your examples - which you can read about e.g. with `info coreutils`, node 'Setting Permissions' - this would be "u=rw,go=r" (user can read+write, users in the same group and other users can only read it). Directories will additionally need the 'x' permission for all in order to be searchable. However, as WordPress stores data in certain places you have entered via the web interface, the apache user needs to be able to write to these files/directories. There are 2 options: either the files have the same group as the apache user and you give it 'g+w' (group writeable) permissions, or you open the permissions to every local user with 'o+w' (writeable to others). The note about installations maintained by several users targets the situation where these accounts all belong to the same group and the files are group writeable (plus writeable by others if the apache user requires it for running WP). See also: * info coreutils 'chmod invocation' * info coreutils 'chown invocation' * info coreutils 'chgrp invocation' Again, you have to consult the WP documentation to know which parts do or do not have to be writeable by the apache user. Hope this helps. Have a nice day, Berny -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org