[ale] Multi-user web server permissions
Scott McBrien
smcbrien at gmail.com
Fri May 1 07:29:56 EDT 2009
David,
One could make the apache group the owner, with chgrp, then set the
permissions to 2750. But something else to consider would be using
ACLs, which would permit you to set an acl for the apache user to have
rx permissions but keep the normal permissions on the files as you
have them now. Check out the setfacl and getfacl man pages.
-Scott
On May 1, 2009, at 7:11 AM, "David M Lemcoe Jr." <forum at lemcoe.com>
wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello hello.
>
> I currently have a server with about 15 people that have domains on
> it. When playing around in SSH, I noticed that if I ssh as a user that
> was not in his own directory, I could change, edit, and view his
> files.
>
> What permissions do I need to set in order for other users not to be
> able to access others' files, but let Apache access them.
>
> It would make sense to first chown the directory, put all the web
> server users in a group, and chmod everything 707.
>
> Apparently this doesn't work.
>
> How would you all recommend I do this?
>
> Thank you!
>
> David
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkn62NYACgkQe0Ain3PYkIan1wCfWNnAI0e/1Z/ZNjVCsXmFX7Ob
> gfkAn2EzEKxTKaezblOyREwPyM5L8OhC
> =0srx
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list