var/www/ permissions

Question

rom. 13 Newbie Poster

12 Years Ago

Hi there,

A website I'm admin for has a serious security issue. Everytime I make changes to a php script, I chmod -R 777 the var/www directory to make the script work. And if I change this to 775, the photo upload feature on the website doesn't work.

So my questions are:
- What are the real security implications of chmod 777 the entire var/www/
- How do I set the permissions for var/www/ so I can edit/upload scripts without constantly rewriting the permissions
- How can the public upload photos to the server without the directory being 777

(on Ubuntu server 10, apache 2, php 5.3.6)

apache permission server ubuntu www-data

2 Contributors
1 Reply
206 Views
8 Hours Discussion Span
Latest Post 12 Years Ago Latest Post by nonshatter

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

nonshatter 26 Posting Whiz · Answer 1 · 2011-08-31T19:04:01+00:00

I think you could use chown to set apache as the owner/group of /var/www

This post seems to answer your question rather well:
http://serverfault.com/questions/6895/whats-the-best-way-of-handling-permissions-for-apache2s-user-www-data-in-var-w