Hi
I finally installed my Drupal 5.1 ; 2 questions pop up in my mind :

- Should i remove the file "install.php" from the root directory ?
- Should i chmod the file "settings.php" to other priviledges than 777 ?

Thank you

Comments

vm’s picture

Drupal changes my CHMOD on settings.php to 644 at the last stage of installation. I've successfully run a site at CHMOD 444 on settings.php.

install.php does not need to be removed it won't run twice. which is evident by trying to pull it back up in a browser.

poloparis’s picture

Thanks VeryMisunderstood for the quick response.

reubenavery’s picture

I always delete install.php after an install. I can think of scenarios just off the top of my head where it indeed would be allowed to run twice and with shoddy security on the sever (like giving mysql root a blank or easy pw for example), definite vulnerabilities can be encountered.

vm’s picture

well yea. if the security on the server is shoddy to begin with most anything is possible.