Permissions?

[Dave Howorth]

Jim Byrnes wrote:
> Dave Howorth wrote:
>> In general that is the wrong solution. Files very often have specific
>> ownership and permissions in order to make the system work properly and
>> be secure. So changing the ownership of arbitrary files is a Bad Idea.
>> Don't do it unless you know exactly what the file is and why you're
>> changing its ownership.
> 
> I'm still getting used to file permissions so I'll keep this in mind. In 
> this case I had installed LAMP on my desktop and all the files will be 
> put there by myself.

That's one of the cases where ownership often matters. The web server
normally has its own user id and files need to be accessible by that
user. Since the web server is exposed to the outside world, it's
important to keep it as secure as possible so the permission on those
files should be as restrictive as possible and ideally there won't be
much overlap with other users' permissions and especially not with root
permissions.

I don't know exactly how ubuntu organizes this though I see there is a
www-data user & group for apache. I would create files with you as owner
and set the group to www-data and permissions to 640 or 750 depending on
whether they're data or directories/executables. Then you won't need
gksudo to edit them. You'll need root permission to create the files
and/or top-level directories in /var/www in the first place, of course.

Cheers, Dave