Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

While it could be better written, that's just their installer, it doesn't run in production by its very nature so might be a low priority for coding standards.

If you wanted to call them out, at least call them out for something which actually runs during normal operation.



Whoever wrote Magento thinks 777 permissions are ever the right thing to do.

Every book I've ever seen on Magento seems to think the same. That 777 permissions are just not a big deal.


From http://devdocs.magento.com/guides/m1x/install/installer-priv... :

"All directories have 700 permissions (drwx------). 700 permissions give full control (that is, read/write/execute) to the owner and no permissions to anyone else.

"All files have 600 permissions (-rw-------)."


From the Magento Enterprise tarball, which we pay enormous sums of money for: https://news.ycombinator.com/item?id=9417235




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: