Avatar of Torquil Beavis
Torquil Beavis
Flag for Canada asked on

Linux permissions in the context of web sites

Hi:
I have read and reread a number of articles on permissions and know how to change them, yet I find that I cannot place them in the context of web site development and usage. I do not have access to the server directly since I use a remote Linux shared server.

As the only developer, I am creating a web site with PHP. I need to create directories and files which I transfer through an FTP app on my desktop. All of the web site scripts and data files are in the URL-accessible server directories, except the uploads directory that is private (between the URL-accessible web directory and the root directory).
Directory structure:
/
-private directory (Non-URL accessible - for uploads)/
    -files
    -sub-directory/
        -files
-web directory (URL accessible)/
    -sub-directory/
        -files
        -sub-sub-directory/
            -files

Open in new window

There are three types of user:
1. The only developer, where I create directories and files, use the web site app, upload image files from the web site and the FTP app, and manage the directories and files through FTP.
2. The web site user, who uses the web site forms and reads data on the web pages. They may not upload any files. They have no personal access to the directories and files.
3. Specific web site users, that is registered members, are like user 2. except they may upload image files to the server.

What is an permission 'owner'? Me as developer, the server, or the scripts?
What is a 'group'? Me as a developer, only other developers if there were some, registered members?
And is 'other' the regular non-registered users - ie anybody using the app?

For each of these groups 1 through 3, what would be the rwx permissions for the directories and files that they have access to?
If another developer joins me and I want to have secure directories and files that this second developer must not have, how would this change the permissions?

Much appreciated :)
PHPLinux

Avatar of undefined
Last Comment
Dave Baldwin

8/22/2022 - Mon
SOLUTION
Dave Baldwin

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Torquil Beavis

ASKER
So does this mean that all my directories and files should have group and other as --- ? Including upload directories and files?
ASKER CERTIFIED SOLUTION
Dave Baldwin

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Torquil Beavis

ASKER
Ah! Great.
Just to clarify ..
If my users need to upload images, which would be writing to the server, would that mean assigning rw-  to the 'upload' directory and file under 'group' or 'other' or neither?
SOLUTION
Dave Baldwin

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Torquil Beavis

ASKER
.. the directory with x as well, of course.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Torquil Beavis

ASKER
Great! Thanks Dave.
Torquil Beavis

ASKER
Dave, that's the best explanation I've ever read. Thank you.
Dave Baldwin

You're welcome, glad to help.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.