Setting up Movable Type

N

Nick

Guppy
Hi I'm installing Movable Type 3.17 under the shared Linux plan, and I am unsure of what to do for the last step (#5) in "Uploading Files"
Create your weblog directories
Create the directory where you weblog files will be stored. This is the directory that you chose for the location of your weblog directories.

If you are not running Movable Type under cgiwrap or suexec, set the permissions of the directories you just created to 777 (see above for what this means).
Click to expand...
I dont know if my server has cgiwrap or suexec, and I am not installing Movable Type in my cgi-bin, so I'm not sure if that automatically cancells me out.

And what directory do they want you to chmod to 777? The Movable Type interface directory (myblog.com/mt) or where the actual blog is going to be (myblog.com)?

I've installed Movable Type several times before, but I never remember what I did for this last step. Hopefully someone else here has recently set up Movable Type or knows what the above step means.
 
777 would be the directory you created for mt, so /mt, I did not realize MT required 777, seems to be a bit of a security risk there to me.
 
Stephen said:
777 would be the directory you created for mt, so /mt, I did not realize MT required 777, seems to be a bit of a security risk there to me.
Click to expand...
Nope, it's not for the MT cp. For the blog (so like, myblog.com). Why exactly does this pose a security risk? Did you read my first post asking about if I am allowed to use cgiwrap?
 
All files being 777, it global writable,and just in general, not a good practice, as for cgiwrap, I don't think it will work.
 
Ok, I see. But since this is standard practice for setting up MT, I think I'll be safe -- as there are millions of people that use it without any sort of prolems :D
 
Strange reasoning.. I've personally found a few exploitable security problems in fairly widespread content management systems :p
 
Yeah, and believe me I have had my share of problems with BBS systems and CMS. But I think Movable Type is one of the most stable of all CMS'. If there was any sort of big exploitable hack it would be a BIG deal. As far as I know, there biggest problem recently has been comment and trackback spam, which isn't even any sort of hack, just spamming. (There have since been security measures against even that.)
 
You must log in or register to reply here.
Back
Top