Here is the reply from my host after I sent him a link to the UBBThreads Permissions/Install page. Since you are the expert maybe you can explain why this setup isn't working for me and I will send him here. This Thread may need to be moved to another section
Michael:
It makes no sense that your board would require that other website users (e.g., other clans on our webserver) be allowed write access to your files. When your scripts are executed, they are executed as _your_ user, not as someone else, so they have full access as long as you enable read/write/execute permissions for the _owner_.
You should never need or want to give other clans on the webserver access to your files, for security reasons. You should also be careful not to give global read access to any files that you do not want to be readable by other clans (for instance, configuration files that might have passwords in them).
In other words, your board will work just fine with 755 access to the directories and 700 access to all the scripts (php, cgi, and pl). Their install guide would appear to have been made for much less-secure (and improperly set up) systems, or single-user systems, where other rules might apply.
Here would be my recommendations.
* Any time it tells you to make a directory "777", make it "755", unilaterally. * Any time it tells you to make a file or directory "666", make it "644", unilaterally. * Additionally, chmod all files with a php, cgi, or pl extention to "700". If it uses cfg files, you should probably do it to those as well.
Those will work, and they will be much better in terms of security than what the install guide tells you.
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.