Don't tell people to run chmod -R 755 on their install if update fails #13628

fdellwing · 2018-10-18T19:10:29Z

Related to #13626

Please don't tell people to run chmod -R 755 /var/www/piwik. This will make all the files executable by everyone.

Either use chmod -R 754 /var/www/piwik (the easy solution) or find /var/www/piwik -type d -exec chmod 755 {} \; (the good solution).

The text was updated successfully, but these errors were encountered:

mattab · 2018-11-13T10:57:19Z

Thanks for the suggestion: pull request welcome @fdellwing

fdellwing · 2018-11-13T11:00:23Z

@mattab There is a PR for this: #13630

Findus23 · 2018-12-27T18:20:55Z

See also #4046

@Findus23

fix #13628 For not writable directory it generated eg this: ``` chown -R foo:localaccounts /var/www/matomo find /var/www/matomo/tmp -type f -exec chmod 644 {} \; find /var/www/matomo/tmp -type d -exec chmod 755 {} \; ``` for auto update it also adds execute permission for `console` ``` chmod 755 /var/www/matomo/console ``` Not sure if any other file needs permission to execute? Couldn't think of any right now. Of course the find commands above they don't change the permission of any symlinks or so. Not sure what users possibly have in there and if it could create some issue. Could extend the find command to something like `-type f or -type l`. Also generally not sure if `find` is compatible like this on all *nix. @Findus23 maybe any thoughts?

@Findus23

#14412) fix #13628 For not writable directory it generated eg this: ``` chown -R foo:localaccounts /var/www/matomo find /var/www/matomo/tmp -type f -exec chmod 644 {} \; find /var/www/matomo/tmp -type d -exec chmod 755 {} \; ``` for auto update it also adds execute permission for `console` ``` chmod 755 /var/www/matomo/console ``` Not sure if any other file needs permission to execute? Couldn't think of any right now. Of course the find commands above they don't change the permission of any symlinks or so. Not sure what users possibly have in there and if it could create some issue. Could extend the find command to something like `-type f or -type l`. Also generally not sure if `find` is compatible like this on all *nix. @Findus23 maybe any thoughts?

Findus23 added the c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. label Oct 18, 2018

taylankasap mentioned this issue Oct 20, 2018

Change recommended command to make directories writable #13630

Closed

Findus23 added the Help wanted Beginner friendly issues or issues where we'd highly appreciate community's help and involvement. label Oct 20, 2018

mattab added this to the 3.10.0 milestone Mar 18, 2019

mattab mentioned this issue Mar 18, 2019

System check update message regarding config file permissions #4046

Closed

tsteur mentioned this issue May 5, 2019

Don't tell people to run chmod -R 755 on their install if update fails #14412

Merged

tsteur self-assigned this May 5, 2019

diosmosis closed this as completed in #14412 May 17, 2019

GTVolk mentioned this issue Apr 22, 2022

[Snyk] Fix for 6 vulnerabilities DevVault/matomo#1

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Don't tell people to run chmod -R 755 on their install if update fails #13628

Don't tell people to run chmod -R 755 on their install if update fails #13628

fdellwing commented Oct 18, 2018

mattab commented Nov 13, 2018

fdellwing commented Nov 13, 2018

Findus23 commented Dec 27, 2018

Don't tell people to run chmod -R 755 on their install if update fails #13628

Don't tell people to run chmod -R 755 on their install if update fails #13628

Comments

fdellwing commented Oct 18, 2018

mattab commented Nov 13, 2018

fdellwing commented Nov 13, 2018

Findus23 commented Dec 27, 2018