diff options
author | Andrey Andreev <narf@devilix.net> | 2015-02-03 09:53:05 +0100 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2015-02-03 09:53:05 +0100 |
commit | 6e8a202f7044cd369300982c33e7fe5160f21959 (patch) | |
tree | 386103ea64631e4a6976c7975bab24d233b27110 | |
parent | 43df7bda07b1d0949bd50fb21148668fa6c235f5 (diff) |
[ci skip] Suggest 0700 instead of 0600 for session save_path dir
Related #3545
-rw-r--r-- | user_guide_src/source/libraries/sessions.rst | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/user_guide_src/source/libraries/sessions.rst b/user_guide_src/source/libraries/sessions.rst index bf0d7a49c..ac0ca27f5 100644 --- a/user_guide_src/source/libraries/sessions.rst +++ b/user_guide_src/source/libraries/sessions.rst @@ -493,7 +493,7 @@ also steal any of the current sessions (also known as "session fixation" attack). On UNIX-like operating systems, this is usually achieved by setting the -0600 mode permissions on that directory via the `chmod` command, which +0700 mode permissions on that directory via the `chmod` command, which allows only the directory's owner to perform read and write operations on it. But be careful because the system user *running* the script is usually not your own, but something like 'www-data' instead, so only setting those @@ -503,7 +503,7 @@ Instead, you should do something like this, depending on your environment :: mkdir /<path to your application directory>/sessions/ - chmod 0600 /<path to your application directory>/sessions/ + chmod 0700 /<path to your application directory>/sessions/ chown www-data /<path to your application directory>/sessions/ Bonus Tip |