Implications of access by the user www-data to all friendica folders
Hi there,
the friendica helpers page describes the installation process of friendica as follows:
/help/Install: wrote:
The Linux commands to clone the repository into a directory "mywebsite" would be
```
git clone github.com/friendica/friendica… -b stable mywebsite
cd mywebsite
bin/composer.phar install --no-dev
```
Make sure the folder view/smarty3 exists and is writable by the webserver user, in this case www-data
```
mkdir -p view/smarty3
chown www-data:www-data view/smarty3
chmod 775 view/smarty3
```
Get the addons by going into your website folder.
```
cd mywebsite
```
Clone the addon repository (separately):
```
git clone https://github.com/friendica/friendica-addons.git -b stable addon
```
askubuntu.com: wrote:
What is the www-data user?
askubuntu.com/questions/873839…
The web server has to be run under a specific user. That user must exist. If it were run under root, then all the files would have to be accessible by root and the user would need to be root to access the files. With root being the owner, a compromised web server would have access to your entire system. By specifying a specific ID a compromised web server would only have full access to its files and not the entire server.
I guess this observation goes both ways: a compromised friendica installation gets access to all the friendica folders if I choose to first create/activate the www-data user, then create the friendica installation folder structure, then git clone friendica, then create the smarty3 folder and ultimately do the git clone of the addon folder as described here:
tupambae.org/display/0ac89072-…
The order in which the creation of www-data related folders is described in the above case makes all folders and files in the friendica directory belong to www-data.
In the friendica help description first comes the git clone, then the smarty3 folder part, then the addon git clone. Actually I guess that last part would make the addon folder belong to www-data too if I run one command after another. Is that intended?
I wonder if this could have some kind of security implications.
I guess www-data is somehow the friendica site and has permissions to do "whatever it wants" (-> "writable by the webserver user") with all the folders in the friendica directories if it's the owner of them.