apache /var/www/... permissions

dgrant · Posted: Sat May 22, 2004 10:48 pm Post subject: apache /var/www/... permissions

What should the permissions of my /var/www/<servername>/htdocs directories be?

Apache is running as apache:apache but I also want to be able to edit the files as my normal user: "david". One idea that I've had is:

-Everything chown to david:apache
-Make apache user a member of apache group if not already
-Set write permissions for user (david in this case)
-Read permissions for apache group

So something like 750?

And how do I get new files which are created to have those permissions by default?

ikaro · Advocate Joined: 14 Jul 2003 Posts: 2527 Location: Denmark

i guess that would work.
_________________
linux: #232767

dgrant · Posted: Sat May 22, 2004 11:21 pm Post subject:

Is there any security danger there though? I'm not an expert on this type of thing.

Also, what about directory permissions? Same as files?

Kope · Tux's lil' helper Joined: 17 May 2004 Posts: 136

Frankly, it's a bad idea.

You don't want your production files to be owned by someone wtih a shell. You don't want apache running as a user with a shell. Bad all around.

Create a sandbox to make and test your changes in. Use 'su' to copy the changes over to the apache tree when you're happy with them.

dgrant · Posted: Sat May 22, 2004 11:35 pm Post subject:

Apache wouldn't be running as a user with a shell. Apache would be running as apache:apache which is the default in /etc/apache/conf

So maybe I could keep my files in my cvs repository and then do a cvs export to the web dir when I'm ready?

7dave7 · n00b Joined: 21 Sep 2003 Posts: 12

Make your user david a member of the apache group, make sure the apache group has write access to the files you want to modify (i.e. chmod 760).