Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] file permission exucute questions



> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Eric Chadbourne
> 
> Got a basic question for you.  On web servers I usually set files to 644
> (-rw-r--r--).  A designer I'm working with keeps leaving files
> (-rw-r--r-x) with the last being execute.  Is this bad?  Why?

Generally speaking, you're both doing something wrong.  Generally speaking, files on a web server should be 640 (rw-r-----)
Where the file owner is an actual user, strongly secured, complex password or no password (ssh keys only).
Set the group to something that apache httpd is part of, and also the user is part of.

Set the group sticky bit on the parent directory and recursively.
sudo chmod -R g+s /var/www/whateverdir

This way, all new files created will belong to the group of the parent directory, rather than the default group of the user account.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org