New installs are all set to permissions 777

[trogladyte]

Steps to reproduce the issue

Brand new install of 5.2

Expected result

Directories 755
Files 644

Actual result

Directories and files 777

System information (as much as possible)

FPA at https://forum.joomla.org/viewtopic.php?f=834&t=1012790#p3733254

Additional comments

My web hosts replied to my query about this:
"I believe I have found the cause of the issue you are having. I am assuming you installed the Joomla files using the zip archive at /home/wwwckde/public_html/Joomla_5.2.0-Stable-Full_Package.zip. I used the zipinfo command to analyze the metadata of the files in the archive and it appears the 777 permissions are from the archive itself. For example this is the output when filtering for the README.txt file. The section "-rwxrwxrwx " is the equivalent of 777 permissions:

[wwwckde@migration public_html]$ zipinfo Joomla_5.2.0-Stable-Full_Package.zip | grep README.txt
-rwxrwxrwx 3.0 unx 5275 tx defN 24-Oct-11 07:24 README.txt

It appears that the file system is simply preserving the file permissions from the zip file. I would suggest using these commands to correct the permissions as soon as the files are extracted."

[Webdongle]

Unable to replicate on a Hosting server. It only happens to me when I install on localhost on a windows OS pc.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/44331.}

[brianteeman]

I can confirm this serious bug with 5.2
5.1.4 is fine

[richard67]

4.4.9 is fine, too. Issue is related to the build environment, not an issue with the build script.

[Webdongle]

hmm
Just unpacked J5.2.0 on a subdomain and folders were set 705. And files 777

[brianteeman]

doesnt matter what caused the problem - the fact is this is a serious issue that must be resolved asap @SniperSister

[SniperSister]

The JSST is aware of the issue, plan is to ship a 5.2.1 with correct permissions.

[richard67]

As far as I could see this issue affects only new installations of 5.2.0 stable.

Updated installations do not have it as the updater fixes the permissions to 644 for files and 755 for folders (file extract.php). This applies to sites updated from e.g. 5.1.4 to 5.2.0 stable as well as sites updated from 5.2.0 stable to 5.2.1-dev nightly of today. So with the next update also current new installations should be fixed.

This just to share the info. I do not say that it's not an issue.

[Webdongle]

So how difficult is it to copy 5.2.0 to 5.2.1, fix the way it is packaged and present a 5.2.1 full zip with a 5.2.1 update?
Is it just a mater of a few lines of code or is it hours of work?

[richard67]

I'm not a 5.2. release manager so it's not on me. But I think you can also fix it by using the Reinstall Core Files button in the Joomla Update Component.

[richard67]

I mean the "Reinstall Joomla! core files" button. It is shown in the update component after searching for updates using the "CHeck for Updates" button. It fixes permission at least for the files (but not the folders, it seems).

[brianteeman]

it is not a simple task

[richard67]

Those who have ssh access to their host can also fix it on the command line when having changed directory to their Joomla root directory:

find ./ -type f ! -name ".htaccess" -exec chmod 644 {} \;
find ./ -mindepth 1 -type d -exec chmod 755 {} \;
chmod 600 ./configuration.php

(On certain shared hosts you might have to adjust the mode values to your needs.)

[Webdongle]

But that doesn't fix the problem though.

[richard67]

But that doesn't fix the problem though.

Sure, but it's a workaround for those who can do it.

[trogladyte]

Even easier if you have Akeeba Admin Tools - just click "Fix permissions". But, like using SSH, it's not a fix, just a repair.

---

_{This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/44331.}

[Webdongle]

Even easier if you have Akeeba Admin Tools - just click "Fix permissions". But, like using SSH, it's not a fix, just a repair.

Professional not core