Apache2's recursive directory permission requirement
Posted
by
Sn3akyP3t3
on Pro Webmasters
See other posts from Pro Webmasters
or by Sn3akyP3t3
Published on 2012-11-05T21:23:30Z
Indexed on
2012/11/05
23:19 UTC
Read the original article
Hit count: 488
The experience I've had thus far is from Ubuntu 10.04 and 12.04 64 bit OS so if there are other OS differences I'd like to know if this is an OS specific problem or not.
The issue I've experienced is mostly confusion. Once the cause of the problem is identified and corrected there are no further related problems experienced. The symptom is Error 403 forbidden. Typically the cause is attempting to use a directory other than /var/www/ for content.
The cause is simply permissions, but its puzzling why the required permissions must persist from at least one level deeper than root onward till the current working directory where the content is stored. For example:
Alias /example/ "/home/user/permissions/can/be/confusing/with/apache/"
<Directory /home/user/permissions/can/be/confusing/with/apache/>
Options FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
With www-data being the user that spawned apache and "user" being a member of the www-data group. Thus, if ownership of /home/user/* is user:user then all that is necessary to display content with apache is permssions of read and execute. So d---r-x--- should suffice, but for practical purposes I'm using drwxr-x--- for most.
However, if all directories /home/user/* are permissions of drwxr-x-- and /home/user/ itself has permissions of drwx------ then content will always fail with error 403. This is strange because it doesn't follow what I would consider traditional logic of permissions which should only be applicable to the current working directory or a particular file in that directory and not any directory further back in the chain.
Is this by design or is it a bug?
© Pro Webmasters or respective owner