Clarification about ftp layer security

Discussion regarding Joomla! 2.5 security issues.

spike1968
Joomla! Explorer
Posts: 427
Joined: Fri Aug 25, 2006 2:39 pm
Location: United Kingdom - Aldershot
Contact:

Clarification about ftp layer security

Post by spike1968 » Mon Aug 08, 2011 10:05 am

Hi,

I have been using Joomla in its many forms for years, in fact since its Mambo days, and have always found file permissions the biggest headache.

It has always been my understanding that setting all your file permissions read/writable to allow certain aspects of Joomla to work properly is a security risk, and so minimising the number of read/writable files is always preferable.

Then 1.5 came along with the FTP layer, and this overcame many Linux/Apache issues: ownership of files was allocated to the FTP user instead of Apache, which gave lots more flexibility with customisations to components, modules etc.

Furthermore it meant Joomla could run with all folders set to 755 and files 644 without problems, and this helped with security issues.

Now we have moved on to 1.6/1.7, and some developers of third-party extensions (e.g. SobiPro) are recommending that the FTP layer should be disabled because it is a 'bad idea' and the 'server is misconfigured'. See Neo's statement (shown below).

"As I wrote you before, your server is misconfigured.
You are using the FTP layer, which is an extremely bad idea. The FTP layer is a workaround for a poorly configured server. You are using hosting which is dedicated to Joomla!, so there are hardly such issues that you need to use it.
The result is that your files belong partially to Apache and some others to FTP, which is a real nightmare and simply cannot work properly."

The reason for this post is to get clarification from the developers on the following points:

Is it now recommended by Joomla developers to disable the FTP layer to allow third-party extensions to work properly?

Or

Is this just an excuse provided by the developers of third-party extensions who are struggling to come to terms with Joomla's changes in 1.6/1.7?

If the former is true then why does the FTP layer exist, but if the latter is true then what has changed so much that third-party developers cannot deal with the FTP layer effectively?

Cheers
Martyn
I may be wrong and I often am.
http://www.yourparish.co.uk - Free listing directory
IMHO Chrome is the best

abernyte
Joomla! Virtuoso
Posts: 4189
Joined: Fri May 15, 2009 2:01 pm
Location: Écosse - Scozia - Escocia - Škotija -स्कॉटलैंड

Re: Clarification about ftp layer security

Post by abernyte » Mon Aug 08, 2011 12:32 pm

Joomla has no control over the set-up of a user's server.
The best scenario is that PHP runs as FastCGI with suEXEC, so that scripts executed by user1 can't be executed by user2.
If suEXEC is not used then PHP runs scripts either as perl or CGI but as a shared user, so Apache or Nobody. So while suEXEC provides a useful partitioning between users, it also limits the damage from hacked sites in shared hosting, as it confines the hack to one user.
The FTP layer was introduced to provide the "FTP user" without having to ask the host to give the correct ownership on a server without Joomla's optimal configuration.
It still serves that purpose, but as an increasing number of servers now use suEXEC, it is not required there and presents an additional slight risk which can be eliminated by not using it.
"Those who expect to reap the blessings of freedom must, like men, undergo the fatigue of supporting it." Thomas Paine

PhilD
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

Re: Clarification about ftp layer security

Post by PhilD » Mon Aug 08, 2011 12:37 pm

It is not an excuse provided by anyone, and the SobiPro developer is correct. The FTP layer is a workaround for a poorly configured server, which will have file/directory ownership issues and therefore permission issues, which is a real nightmare to say the least.

On a properly configured server the FTP layer is never needed and should not be configured at all, as there will be no issues of file/directory ownership and therefore no issues with permissions.

Read through these two articles and I think you will understand better the difference between an improperly configured server and a properly configured server.

http://www.joomlatutorials.com/joomla-t ... ation.html

http://www.joomlatutorials.com/joomla-t ... uexec.html
PhilD

spike1968
Joomla! Explorer
Posts: 427
Joined: Fri Aug 25, 2006 2:39 pm
Location: United Kingdom - Aldershot
Contact:

Re: Clarification about ftp layer security

Post by spike1968 » Mon Aug 08, 2011 2:41 pm

Thanks abernyte, some useful info there.

PhilD, you say 'on a properly configured server the FTP layer is never needed'. I use the FTP layer so that I don't have to give folders 777 permissions; are you saying that that is more secure than using the FTP layer?

mandville
Joomla! Master
Posts: 15152
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Clarification about ftp layer security

Post by mandville » Mon Aug 08, 2011 5:03 pm

Using the word "generally"...
suPHP - more secure
using the FTP layer - less secure
using 777 directories - least secure
HU2HY - Poor questions = Poor answers
Unrequested help PMs will be reported, added to the foe list and possibly just deleted
{VEL Team Leader} {TM Auditor} {Showcase & Security forums Moderator}

PhilD
Joomla! Hero
Posts: 2737
Joined: Sat Oct 21, 2006 10:20 pm
Location: Wisconsin USA
Contact:

Re: Clarification about ftp layer security

Post by PhilD » Tue Aug 09, 2011 12:24 am

spike1968 wrote: Thanks abernyte, some useful info there.

PhilD, you say 'on a properly configured server the FTP layer is never needed'. I use the FTP layer so that I don't have to give folders 777 permissions; are you saying that that is more secure than using the FTP layer?

On a properly configured server, there is never a need to elevate permissions of files or directories to anything beyond the 644/755 server defaults.
If you have to elevate permissions of directories/files beyond 644/755 to install extensions, or for any other reason, then your server is not properly configured for operation of a modern CMS such as Joomla.

You should request that your domain be moved to a server that runs PHP as a CGI process along with suEXEC, or suPHP, or a similar setup. This was explained in the links I gave you.

Mandville has the order of security "safeness" correct.
PhilD
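The two conditions the thread keeps coming back to, files looser than 644/755 and a tree split between an Apache owner and an FTP owner, are easy to check before deciding whether the FTP layer is hiding a misconfiguration. The script below is an added example, not code from the thread or from Joomla!. It assumes GNU find (Linux), that the first argument is the site root, and that the second argument is the user PHP actually runs as (under suEXEC/suPHP that is the account owner; under mod_php it is www-data/apache/nobody). The directory and owner names in the usage line are placeholders.

```shell
#!/bin/sh
# Added example (not from the thread or from Joomla!): audit a Joomla! tree for
#   1. entries looser than 644/755, i.e. anything group- or world-writable, and
#   2. entries owned by someone other than the user PHP runs as (the mixed
#      Apache/FTP ownership the SobiPro developer calls a "nightmare").
# Assumptions: GNU find; $1 is the site root; $2 is the expected owner.

# Entries with group- or world-write bits set. 644 files and 755 directories
# never match; 664, 775 and 777 do.
loose_entries() {
    find "$1" \( -type f -o -type d \) -perm /022 2>/dev/null
}

# Entries not owned by the expected user ($2). Under suEXEC the owner and the
# PHP user coincide, so a clean tree prints nothing here.
foreign_entries() {
    find "$1" ! -user "$2" 2>/dev/null
}

# Distinct owners in the tree. More than one line is the split ownership
# that makes extension installs fail on a non-suEXEC host.
owners_in_tree() {
    find "$1" -printf '%u\n' 2>/dev/null | sort -u
}

# Summary report. Returns 0 only when nothing is loose, nothing is foreign
# and the tree has a single owner, i.e. no FTP layer is needed.
audit_tree() {
    root="$1"; owner="$2"
    n_loose=$(loose_entries "$root" | wc -l)
    n_foreign=$(foreign_entries "$root" "$owner" | wc -l)
    n_owners=$(owners_in_tree "$root" | wc -l)
    echo "entries beyond 644/755 : $n_loose"
    echo "entries not owned by $owner : $n_foreign"
    echo "distinct owners        : $n_owners"
    [ "$n_loose" -eq 0 ] && [ "$n_foreign" -eq 0 ] && [ "$n_owners" -eq 1 ]
}

# Corrective step for the common case: bring everything back to the 644/755
# defaults PhilD describes. Only do this once PHP runs as the file owner
# (suEXEC/suPHP); on a shared-user setup Joomla! would then lose write
# access to its own cache/, tmp/ and logs/ directories.
tighten_modes() {
    find "$1" -type d -exec chmod 755 {} + &&
    find "$1" -type f -exec chmod 644 {} +
}

# Usage (placeholder paths): sh audit.sh /var/www/example.com/htdocs www-data
if [ -n "$1" ]; then
    audit_tree "$1" "${2:-$(id -un)}"
fi
```

Run it against the document root while PHP is serving a request (or compare against the user shown by `ps -o user,comm -C php-cgi`): a non-zero "foreign" count on a suEXEC host means something, usually an earlier FTP-layer install or a manual upload, left files under the wrong owner, and that is the case to fix with chown rather than by re-enabling the FTP layer.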
