Closed (duplicate)
Project:
Drupal core
Version:
6.x-dev
Component:
install system
Priority:
Normal
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
12 May 2007 at 02:55 UTC
Updated:
12 May 2007 at 12:32 UTC
I think this is a consequence of the patches commited with this issue: http://drupal.org/node/141637
Using a fresh checkout of HEAD and an empty DB. It seems the only way to get the install process to work is to make the directory sites/default writable by the web server?
This is not described or explained in INSTALL.txt
Also, it seems the status report is now wrong- after install it reportsConfiguration file Protected
But I had to set the deirctory sites/default to 777 to get the install to work, so now I'm potentially vulnerable, right? Someone could upload a script and execute it from this directory.
Comments
Comment #1
gábor hojtsyThis was the patch, which has this consequences, not the one you point to! http://drupal.org/node/99011
Yes, I am trying to get Earl see the problem that the status report page is outdated. There is a patch already to strengthen permission checking at the end of the install process, but there is no update for the status screen. Please try to explain a third way, that the fix is not yet complete (status page and docs are not included). Follow up on that issue please. Thanks!