Permissions on /var/www
jdinkel at gmail.com
Mon Aug 17 17:31:50 UTC 2009
On Mon, Aug 17, 2009 at 12:00 PM, Alexander Kraev <alexander.kraev at gmail.com
> It depends on web-server architecture and how many sites you are going
> to run inside /var/www.
> root:root is good for /var/www if you are running many sites in
> /var/www. Let's say:
> Each of these directory has to be owned as www-data:www-data if you use
> only www-data user to manage all virtual hosts and unix_user:www-data in
> case of multi-user virtual host based web server.
> It's a quick tip, all depends on your needs and web server's architecture.
"Each of these directory has to be owned as www-data:www-data"
This is absolutely not true, and a bad idea for reasons already pointed out
in this thread (Roy Sigurd Karlsbakk's email). Only set www-data as the
owner when a web application specifically calls for it and only on the
folder or file that it calls for.
For instance, say a web application requires the web server to have write
access to /var/www/myapp/uploads/. Then keep /var/www owned by root.root
and perms set to 755, and change just the uploads folder to be owned by
www-data.root (or www-data.www-data, or root.www-data with 775 perms, it's
all the same).
If you do want users without root privileges to be able to modify the
directories, then that is ok give them permissions to write to whatever they
need, but you do not want to give www-data any more than read permissions
unless your web application specifically calls for it.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-server