Recommended file permissions for /var/www/html

Hello Experts - Linux Newbie with a question.

I am running Fedora5 with Apache2 and have a question about file permissions.   I want to allow developers the ability to SSH in and modify files.  I am using /var/ww/html directory and each website in a subdirectory has permissions of 755 with Owner=root and Group=Apache.

When the developers SSH in they are unable to edit or modify the files.  Right now they have to SU as root.  I used webmin and changed their primary group to root but that still didn't work.  Right now they are having to su as root. I'd prefer to have them use their regular account.  I was trying not to change the permissions of the files from root:apache for fear of breaking something on the website.

Who is Participating?
What'd I'd do is create a new group, eg: webdev, then do

chgrp -R webdev /var/www/html
chmod -R g+w /var/www/html

then put whatever users who need edit rights to the files under /var/www/html in the webdev group.
ibu1System AdministratorCommented:
u have to add developer user to the apache group
usermod -g developer apache

Before that delete the developer user from the root group.
Steve BinkCommented:
I use Tintin's method.  I have a group called webowner which owns all files and directories in the document roots for my various sites.  At the user level, all are owned by Apache's user.

ibu1's solution creates a vulnerability by allowing developers to change files used for the apache server itself.  No one but apache should be part of apache's group.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.