I began the SPIP configuration process, and the first screen told me to make several directories world writeable. These directories were : CACHE, IMG, ecrire(!), and one below ecrire.
SPIP (i.e. the php executed by the server) needs to be able to write files in :
– the CACHE direcotry for the cache system
– the IMG directory when you upload files and attach them to your articles,
– the data directory for logs, backups, etc...
– the ecrire directory to write configuration files.
Actually, SPIP’s online help suggested "chmod 777", but the effect is to make the directories world writeable. Isn’t that a bit of a security risk ? I host on a shared server, and I believe other customers of Pair could now drop down into those directories to make changes. I’m rather worried about that.
The problem is that the server needs to have the right to write in these directories. With most of the ISP, the server is not in the same group as you, so you have to give the rights to all the world for it to have the right to write.
You could try to see if giving the rights only to the group is suffisient (but then, there is no guarantee that all the other users are not also in your group ;) ).
But, in ecrire, you do not have to give the writing rights on all the files, SPIP must be able to create files and write in inc_connect.php3 I think.