Timeline for Magento uploaded images and 777 permissions
Current License: CC BY-SA 3.0
11 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| S Sep 19, 2017 at 4:41 | history | suggested | Manoj Deswal | CC BY-SA 3.0 | formatting |
| Sep 19, 2017 at 4:22 | review | Suggested edits | |||
| S Sep 19, 2017 at 4:41 | |||||
| Jun 7, 2016 at 19:05 | history | edited | John P. | CC BY-SA 3.0 | added 369 characters in body |
| Jun 7, 2016 at 18:16 | vote | accept | John P. | ||
| Jun 7, 2016 at 19:04 | |||||
| Oct 18, 2015 at 18:43 | comment | added | Fiasco Labs | Probably find it's hardcoded within Magento somewhere. Since Magento must run on many different server setups, a portion which do not run the http server user/group as the ssh/sftp user/group, the files are being created as 777 so that they are accessible by everyone. You'll need to hunt the code down and create a module that creates the files with your desired permissions. This is why the media/ folder .htaccess shuts off php/cgi execution out of the folder as certain Magento operations allow frontend users to upload files which would leave a massive security hole. | |
| Oct 18, 2015 at 15:02 | history | edited | John P. | CC BY-SA 3.0 | update #3 |
| Oct 18, 2015 at 14:48 | history | edited | John P. | CC BY-SA 3.0 | added 6 characters in body |
| Oct 18, 2015 at 14:15 | history | edited | John P. | CC BY-SA 3.0 | added updates |
| Oct 17, 2015 at 13:12 | answer | added | chandra sekar | timeline score: 1 | |
| Oct 17, 2015 at 13:03 | review | First posts | |||
| Oct 17, 2015 at 14:04 | |||||
| Oct 17, 2015 at 13:02 | history | asked | John P. | CC BY-SA 3.0 |