Hi,
I've played about with this CMS and I'm very impressed, top job!
However (and you knew that was coming) I want to use it on a shared server and when I asked the server's admins about using a CMS they said that all of those that they have come across require that files which are uploadable are writeable directly by the webserver. This means that all the users of the servers would be able to write to the files appareantly. Is this true for CMSMS, please say it isn't so!
Cheers!
Secuirty concerns
Re: Secuirty concerns
For installation, the following directories need to be writable: uploads, tmp/cache, and tmp/templates_c. However, after install, uploads can be turned off. As for cache and templates_c, it technically possible to lock them down as well, but you'd have to turn cacheing off everywhere. It's not a huge deal to do this (edit 1 or 2 files), it definatly hits the performance a little bit...
Thanks for the kind words. If you need details, let me know and I'll dig up some code.
Thanks for the kind words. If you need details, let me know and I'll dig up some code.
