Comments
-
Linux433988y@dieterdw
I hope you are joking, otherwise you are making shit dangerous for you and your customers... -
Voxera113778y@Linux the question there should be "why do they even have permission"
That should be devops or sysadmin chores.
But on the other hand, if 777 is the developer's solution, odds are that they are also devops AND sysop ;) -
Linux433988y@sylflo @Voxera
Well, they are our customers. I have pointed that out several times but they do not listen/care. Even if the site got hacked twice (big ecommerce site)
I just do not care anymore. I have tried to do my part. -
Voxera113778y@Linux ok I understand :/
One reason we only build services that run on our own hardware, customers only get to work through the web browser.
Not that it prevents them from making problems but they are a bit more contained ;) -
@Linux To be honest, (backend dev and server guy as well) I do this sometimes. I have had cases where some requires were not working and after a few hours of trying to chmod/chown stuff and it still not working I just 777'd it so I could at least continue developing. But, this was solely on my own machine, DEFINITELY NOT on a production server.
-
Linux433988y@linuxxx
Well, you do it on a non-production machine. The devs I have to deal with - do it in production. -
@Linux To be way too honest, I've done it in production once. I did pentest myself to death until I couldn't think of another way to access it when all 'trying to access' tests failed :P.
But never again though, it's very bad security practice and I'm well aware of this. -
mundo0349018y@Linux exactly, as a dev you can do it on your own machine just to make things work, then let the devops deal with it in prod :p
-
Linux433988y@soup-bowl
Well, as long as the site can't access any folder outside its documentroot, the server should be fine.
I think -
You know what? There should be a function that runs
ls -lR | tr -s " " | cut -d " " -f1,9 | grep -E '^[-d]rwxrwxrwx'
and if there's a hit simply disable them until the proper permissions are set.
PS: The above command recursively searches for files or directories with a 777 permission and prints them.
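Added example, not part of the original comments: the same 777 check done with find instead of parsing ls output, so each hit is reported with its full path and names containing spaces are handled. The function names (list_777, count_777, tighten_777) are hypothetical, and the 755/644 target modes are an assumed policy, not something the thread specifies.

```shell
#!/bin/sh
# Added example: audit a directory tree for mode-777 files and directories.
# Names containing newlines are not handled by the line-based count.

# list_777 DIR
# Print every regular file or directory under DIR whose mode is exactly
# 0777, one full path per line. Symlinks are skipped, as in the
# [-d]rwxrwxrwx pattern from the comment above.
list_777() {
    find "$1" \( -type f -o -type d \) -perm 0777 -print
}

# count_777 DIR
# Number of hits, usable as a gate in a deploy or cron check.
count_777() {
    list_777 "$1" | wc -l | tr -d ' '
}

# tighten_777 DIR
# Assumed remediation policy: directories go to 755, files to 644.
# Only entries that are exactly 0777 are touched.
tighten_777() {
    find "$1" -type d -perm 0777 -exec chmod 755 {} +
    find "$1" -type f -perm 0777 -exec chmod 644 {} +
}

# Example use as a gate (path is a placeholder):
#   [ "$(count_777 /path/to/docroot)" = "0" ] || list_777 /path/to/docroot
```

Resetting modes can break an application that relied on them, so reviewing the list_777 output before running tighten_777 is the safer order.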
When so-called developers "fix" things by setting 777 on directories...
Please do not call yourself a dev