Graffiti CMS - do I really need to 777 the entire install?

Question

I am trying to install GraffitiCMS on my rackspacecloud account. It is mostly working, but it seems I pretty much have to set everything to 777 to get it to work? Is that even reasonable?

While I am not security expert, it seems that having to basically leave the door wide open to everyone in the world is not a great solution.

Am I misunderstanding what Graffiti needs? If it really needs that, can this product be seriously considered a viable option?

Answer 1

It depends on the version of Graffiti CMS and your web server. In the past Graffiti has written directories and default.aspx files to support urls without extensions (i.e. mysite.com/post). This does require write/modify permissions for the account that your App Pool is running as to the root of your site. Typically this is the Network Service account. You do not need to give everyone elevated permissions.

However if you are using the latest open source version of Graffiti CMS on CodePlex, and IIS 7.0 or above, it uses URL routing and does not write directories/files for posts. In this scenario the service account would only need write permissions for the file storage folders.

Hope that helps.

Answer 2

will it break if you set it back after the installation? i think its just needed to write some static stuff like db connect into php files.