Hi,
On Tue, Nov 1, 2016 at 5:31 PM, Gordon Messmer <gordon.messmer(a)gmail.com> wrote:
On 10/27/2016 05:48 PM, Alex wrote:
>
> I'm referring to the procedure typically used by joomla admins through
> the web-based admin interface included with joomla. It logs in as a
> system user then I believe uses sftp to upload files from the local
> desktop or somewhere on the joomla system.
As best I can tell, extensions are normally uploaded as zip files. It
should be noted, then, that the umask doesn't appear to affect that. zip
files contain some information about the permissions of the files they
contain, and at least the system "unzip" utility will honor those. You
might be chasing a wild goose if you're trying to change apache's umask to
address this.
Instead you may need to use the "manual install" process and set the
permissions on files manually:
https://docs.joomla.org/Installing_an_extension
As a security bonus, I would anticipate that manual installation would mean
that your extensions aren't owned by the apache use, and can be installed
with no write access for the apache group. So, that's something to think
about.
That's another great point. Thanks so much for your help, and follow-through.