You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
philmck opened this issue
Aug 27, 2010
· 6 comments
Labels
BugFor errors / faults / flaws / inconsistencies etc.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
When installed on a server that runs PHP in "Apache" mode (rather than "CGI" mode), temporary files created by Piwik (e.g. in /tmp/sessions) are created with default permissions of 600, which means they can't be subsequently written or modified by Piwik. They need permisions of at least 606 on this sort of server - i.e., publicly writeable.
This is such an obvious problem I can't believe it hasn't been reported, yet I haven't been able to find it (humble apologies therefore if it's a duplicate). Piwik is so close to being an excellent utility, and so close to v1.0 now it seems a pity to let this go.
The workaround implemented by my hosting company is to set up a cron job to periodically CHMOD all files in /tmp to be writeable, but this is a but of a kludge.
The text was updated successfully, but these errors were encountered:
Sadly, I can't chown files, I'm on shared hosting. My provider claims the alternatives are even less secure and wouldn't allow it anyway - there are arguments both ways, I know.
Glad to hear there are plans to address this, anyway. I defected to Google analytics for a while because of this, but it's just not the same.
If you were on a dedicated host, you could set apache's umask instead of using the hackish cron job. But on shared hosting, making your files world-writeable is a bad idea.
Your provider evidently hasn't heard of using phpsuexec for php-cgi (php runs under your user ID), or using php-fpm (which allows workers to be started with a different uid/gid or php.ini).
Id like to confirm this issue. I need to make FTP backups of my whole project folder, and my FTP client stops working when it encounters those files that are only readable by the owner.
gerritvanaaken: please use the forum for further followup (instead of commenting on a closed ticket). You can safely ignore files in the tmp folder when ftp-ing.
BugFor errors / faults / flaws / inconsistencies etc.wontfixIf you can reproduce this issue, please reopen the issue or create a new one describing it.
When installed on a server that runs PHP in "Apache" mode (rather than "CGI" mode), temporary files created by Piwik (e.g. in /tmp/sessions) are created with default permissions of 600, which means they can't be subsequently written or modified by Piwik. They need permisions of at least 606 on this sort of server - i.e., publicly writeable.
This is such an obvious problem I can't believe it hasn't been reported, yet I haven't been able to find it (humble apologies therefore if it's a duplicate). Piwik is so close to being an excellent utility, and so close to v1.0 now it seems a pity to let this go.
The workaround implemented by my hosting company is to set up a cron job to periodically CHMOD all files in /tmp to be writeable, but this is a but of a kludge.
The text was updated successfully, but these errors were encountered: