Following a discussion with chx, it seems it could be an interesting addition on the checklist (currently at admin/logs/status) to check whether the server is allowed to write its own directories.

Such writing needs to be allowed to the files area, but is probably not useful elswhere.

It might also be checked during the install.

Comments

chx’s picture

chx commented
Component: admin.module » install system

admin.module is gone for quite some time now.

pasqualle’s picture

pasqualle
Location 🇭🇺 Budapest
commented
Version: 6.x-dev » 7.x-dev
cafuego’s picture

cafuego commented

The installer will not currently not allow the user to continue if the files/ directory and settings.php aren't writeable.

As for writing elsewhere, I don't think you can or should check each subdirectory for write permission. It'll take a while and in some cases (say a shared host with suPHP) it might not be possible for the user to make other directories not writeable.

Perhaps a "security check" contrib module that checks whether there are any writeable files or directories (that shouldn't be) is a better idea.

chx’s picture

chx commented

Not every subdir. If we can write modules/node, I bet we can write modules/user.

fgm’s picture

fgm
Primary language French
Location Paris, France
commented

Wow, things changed a lot since 2007 !

These days, one symptom I often notice in dev environments is the case of mixed drush/web work with improper perms, where some files under sites/(site)/files/* are not writable by the web host because someone ran a drush command which created improperly permissioned files which the web version can no longer modifiy/remove, like image(cache) derivatives or aggregated JS/CSS files.

And the sites directory/settings.php writable in such situations is still altogether too common after initial install, for much the same reasons.

Status: Active » Closed (outdated)

Automatically closed because Drupal 7 security and bugfix support has ended as of 5 January 2025. If the issue verifiably applies to later versions, please reopen with details and update the version.