What linux permissions are need for www?

Posted by Xeoncross on Server Fault See other posts from Server Fault or by Xeoncross
Published on 2010-03-22T01:21:39Z Indexed on 2010/03/22 1:31 UTC
Read the original article Hit count: 393

Filed under:
|
|
|

I know that 777 is full read/write/execute permission for owner/group/other. So this doesn't seem to be needed as it leaves random users full permissions.

What permissions are need to be used on /var/www so that...

  1. Source control like git or svn
  2. Normal users in a group like "websites" or added to "www-data"
  3. Servers like apache or lighthttpd
  4. And PHP/Perl/Ruby

can all read, create, and run files there?

If I'm correct, Ruby and PHP scripts are not "executed" directly - but passed to an interpreter. So there is no need for execute permission on files in /var/www. Therefore, it seems like the correct permission would be chmod -R 1660 which would make

  1. all files shareable by these four entities
  2. all files non-executable by mistake
  3. block everyone else from the directory entirely
  4. set the permission mode to "sticky" for all future files

Is this correct?

Update: I just realized that files and directories might need different permissions - I was talking about files above so i'm not sure what the directory permissions would need to be.

© Server Fault or respective owner

Related posts about linux

Related posts about www