Permisssions Issue

M

Mayhem30

I'm hoping someone can clear things up for me.

What I'm trying to do is have the apache as the owner of all my web files - but let my username have read / write access to the files (so I'm able to sftp in as "mayhem" and edit the files).

In the /etc/group file, I have :

Code: 
www:*:80:mayhem

All my webfiles are set to www:www (dir = 755 / files = 644)

I belong to the www group - should this not give me full access to the files?
 
Mayhem30 said:
All my webfiles are set to www:www (dir = 755 / files = 644)

I belong to the www group - should this not give me full access to the files?
Click to expand...

No. The owner has read, write, execute on directories, the group and world have read and execute. You are not the owner.

Handbook: 3.3 Permissions
 
I've always been confused by the whole owner, group and world part.

If i set a file / dir to 777, that gives read / write / execute to every user on the system, correct?

Is this a security risk from outsiders just visiting the website? Does 777 give them permission to do anything with the files?
 
Mayhem30 said:
I've always been confused by the whole owner, group and world part.

If i set a file / dir to 777, that gives read / write / execute to every user on the system, correct?

Is this a security risk from outsiders just visiting the website? Does 777 give them permission to do anything with the files?
Click to expand...

It's never a good idea to make files or directories world writable. Set the permissions like this:

Code: 
chown -R mayhem:www /path/to/website
find /path/to/website -type d -exec chmod 755 {} \;
find /path/to/website -type f -exec chmod 644 {} \;

That will give you, as the owner, full permissions while the www user and world can only read.
 
You must log in or register to reply here.
Back
Top