Add current user to ghost group #311

sebgie · 2017-07-07T14:55:12Z

To allow the user that has installed ghost to edit files within the /content folder it is necessary to add the currently active user to the ghost group. This behaviour was removed in #296 because the user needs to log out and in again to activate the new group.

Changes required:

add user to ghost group (removed here: c499480#diff-39682f6dabedcf585eccc2dc12de55d8L42)
change permissions for the /content folder (see Ghost folder & file permissions #294)
- Ghost folder & file permissions #294 is important so that we are not accidentially give execution permissions to an uploaded file. This could lead to an exploit being uploaded via the file upload and executed via a vulnerability in another service running on the same machine.
add a warning that the user needs to log out/in to acquire group permissions

The text was updated successfully, but these errors were encountered:

refs TryGhost#311 - add handling to linux extension that ensures the user is correct

acburdine · 2017-07-11T03:04:45Z

Closing this as it's replaced by #317

acburdine added the needs info label Jul 8, 2017

This was referenced Jul 8, 2017

ghost exec/ghost repair-permissions commands #317

Closed

fix(run): better handling of ghost linux user during ghost run #327

Closed

acburdine added a commit to acburdine/Ghost-CLI that referenced this issue Jul 10, 2017

fix(run): better handling of ghost linux user during ghost run

7d107d8

refs TryGhost#311 - add handling to linux extension that ensures the user is correct

acburdine closed this as completed Jul 11, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add current user to ghost group #311

Add current user to ghost group #311

sebgie commented Jul 7, 2017

acburdine commented Jul 11, 2017

Add current user to ghost group #311

Add current user to ghost group #311

Comments

sebgie commented Jul 7, 2017

acburdine commented Jul 11, 2017