Data is everything in the digital age – with vital information no longer entrusted to lock and key but being stored on computers often thousands of miles away from where they were deposited. Controlling who can access this data – whether it be your bank account or your facebook photos – comes down to a simple matter of ownership, and permissions. People often get totally baffled by these core concepts so hopefully this should make a bit of sense and help you understand how it works. Once you 'get' this you're over a large hurdle when it comes to web design and hosting issues!
Joomla! User Group Suffolk - Demystifying Ownership and Permissions in Unix and Joomla!
Getting to grips with ownership and permissions Ruth Cheesley – Virya Technologies @RCheesley / @ViryaTech Did you tell people youre at @JoomlaSuffolkthis evening? Did you check in at Basepoint?
In an interconnected world, we need to control who can access what!
Some things I want to Share with everyone (the world) Emergency Phone Number (share with all who know where to find it) Some things I mightnly want to be available to me (owner) Some things I might want to share with I might want to share these groups something with just this group
World(The world, the universe, and everything – not in the same group as the owner) Group (A set of users in the same group as the owner) Owner (owns the file)
Can view the file Chmod +r / -r Numerical value = 4Read (r)Write (w) Can make changes or modify the file Chmod +w / -w Numerical value = 2Execute (x) Can run the file (generally applicable at command line) Chmod +x / -x Numerical value = 1 NOTE: Folders cannot be listed and files within cant be accessed if the folder does not have execute permissions
So what about 7s and 6s● All permission combinations are derived by adding these basic permissions● 7 represents Read (4) + Write (2) + Execute (1)● 6 represents Read (4) + Write (2)
Important considerations● Write permissions are required for moving a file● You must be owner of a file/folder to change its permissions● You need read permission on a folder to show the contents● Generally permissions are tighter for world, less so for group and least for owner
So what does 755 and 644 mean?● In Joomla! Folders should be 755 and files 644 – configuration.php should be 444● What does this mean?● Lets work it out!
What is chmod all about?● A command you can use to change the permissions on files and folders● Used in command line● Example: chmod [options] [permissions] [item] chmod +R 644 MyFolder
Why does this cause problems?● Generally down to poor setup by hosting providers (or simply lack of awareness)● Usually relates to how Joomla! was originally installed● Which user owns the files and folders, and therefore has or doesnt have permissions
File andfolder haspermissionswhich restrictwho can: If file/folder is not● Read available with● Write appropriate● Execute Trying to access and/or move access, 403 files and/or folders, or list forbidden folders will result in: FTP username is If file/folder is joebloggs available with appropriate Therefore access, access OWNED by granted joebloggs joebloggs is in the managers group
Where it goes wrong World(The world, the universe, and everything – not in the same group as the owner) Group (A set of users in the same group as the owner) Owner (owns the file)
How to fix this● Chmod the files & folders to the correct permissions, if permission is an issue (or use Admin Tools!)● Set up the server correctly - www.virya.co.uk/joomlaserversetup
The geeky stuff● If your server runs mod_php – Document root: 750 – Directories: 755 (711 if youre paranoid – only if not listed) – Files: 644● If your server runs fast-cgi, suphp or cgi – Document root: 750 – Directories: 755 (711 if youre paranoid – only if not listed) – HTML & Image files: 644 (444 if youre paranoid) – PHP files: 600 (400 if youre paranoid) SOURCE: www.virya.co.uk/joomlaserversetup
A word of warning● Its very useful to have a basic understanding of ownership & permissions to help you troubleshoot, but TAKE BACKUPS!● You can completely break things by tinkering with permissions if you dont know what youre doing!● If in doubt, speak to a geek!
Thank you! Any questions? Ruth Cheesley@Rcheesley / @ViryaTech