What linux permissions are need for www?

Posted by Xeoncross on Server Fault See other posts from Server Fault or by Xeoncross
Published on 2010-03-22T01:21:39Z Indexed on 2010/03/22 1:31 UTC
Read the original article Hit count: 391

Filed under:

linux

|

www

|

chmod

|

permissions

I know that 777 is full read/write/execute permission for owner/group/other. So this doesn't seem to be needed as it leaves random users full permissions.

What permissions are need to be used on /var/www so that...

Source control like git or svn
Normal users in a group like "websites" or added to "www-data"
Servers like apache or lighthttpd
And PHP/Perl/Ruby

can all read, create, and run files there?

If I'm correct, Ruby and PHP scripts are not "executed" directly - but passed to an interpreter. So there is no need for execute permission on files in /var/www. Therefore, it seems like the correct permission would be chmod -R 1660 which would make

all files shareable by these four entities
all files non-executable by mistake
block everyone else from the directory entirely
set the permission mode to "sticky" for all future files

Is this correct?

Update: I just realized that files and directories might need different permissions - I was talking about files above so i'm not sure what the directory permissions would need to be.

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about www

error about ACPI _OSC request failed (AE_NOT_FOUND)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have ubuntu server 11.10 64 bit I see an error in kernel.log. This error comes out when the server reboot. some port of grep APCI in kernel.log; Dec 5 09:08:51 www kernel: [ 0.588605] pci0000:00: Requesting ACPI _OSC control (0x1d) Dec 5 09:08:51 www kernel: [ 0.588667] pci0000:00: ACPI _OSC… >>> More
www do not equal no www

as seen on Server Fault - Search for 'Server Fault'
I have a website with dns pointing to my own server. the website WITH www.mysite.com lead to the right site, but the address mysite.com lead to a publicity site that I DONT CONTROL I like to make www.mysite.com and the mysite.com lead to the same DNS Can i make it with .htaccess or with google analitic… >>> More
Magento, NGINX, PHP-FPM, APC, MEMCACHED, 16gb Ram CentOS, Spiking PHP-FPM to 100% CPU

as seen on Server Fault - Search for 'Server Fault'
I have been trying to resolve my issue of spiking cpu caused by php-fpm processes. I've reduced the php-fpm config settings to: pm = ondemand pm.max_children = 12 pm.start_servers = 2 pm.min_spare_servers = 2 pm.max_spare_servers = 10 pm.max_requests = 500 php_admin_value[memory_limit] = 128M Problem… >>> More
Prevent malicious vulnerability scan increasing load on a server

as seen on Server Fault - Search for 'Server Fault'
Hi all, this week we have been suffering some malicious vulnerability scans to our servers, increasing the load on them, making them nearly unusable. The attack is easy to defend, just blocking the offending ip, but only after discovering it. Is there any form of prevent it? Is it normal that… >>> More
centos dedicated Server unresponsive for the first time

as seen on Server Fault - Search for 'Server Fault'
server was unresponsive for an hour so i rebooted it and checked /var/log/messages and found this. can anybody point out whats wrong ? Sep 28 07:39:35 www kernel: INFO: task mysqld:22749 blocked for more than 120 seconds. Sep 28 07:39:35 www kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"… >>> More