Is adding users to the group www-data safe on Debian?
- by John
Many PHP applications do self-configuration and self-updating. This requires apache to have write access to the PHP files. While chgrp'ing them all to www-data appears like a good practice to avoid making them world writable, I also wish to allow users to create new files and edit existing one.
Is adding users to the group www-data safe on Debian? For example:
775 root www-data /var/www
644 john www-data /var/www/johns_php_application.php
660 john www-data /var/www/johns_php_applications_configuration_file