File permissions with PHP

Whether you are using Linux on the desktop or as a server, it's still good that you're using Linux. Linux related questions go here.

Moderator: General Moderators

Post Reply
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

File permissions with PHP

Post by alex.barylski »

I have created a directory as root and set it's permissions to 777. I copied files into that directory and now some of those directories need writing access by the PHP scripts which reside within the parent I created as root.

PHP is run as Apache module, so it's user 'www-data' on my Debian system.

The reason I set the original directory to 777 was because 'www-data' falls under 'other' or 'world' priveleges, correct?

Obviously giving any directory 777 isn't ideal, so how do I make it so that the PHP scripts can still write to the directories but they do not need world write access?

If the owner is 'root' to I change group to 'www-data'?

This is something which has plagued me forever while I try and fully understand *nix file permissions. :)

If you could elaborate on how and why, I would be grateful. :)

Cheers :)
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Re: File permissions with PHP

Post by volka »

Hockey wrote:If the owner is 'root' to I change group to 'www-data'?
Maybe there is such a group, maybe not.
try

Code: Select all

groups www-data
at a shell prompt. It prints the groups the given userid is a member of.
blackbeard
Forum Contributor
Posts: 123
Joined: Thu Aug 03, 2006 6:20 pm

Post by blackbeard »

Look at the user and group section of httpd.conf, and change the owner/group to that.

ie. if the user is myweb, and the group is myserver, then you can use: chown -R myweb:myserver mydirectory.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

The usual approach is that the owner has rights (as the owner).. And the user-account that runs the webserver becomes the group that owns the files...

chown root:www-data /path
Post Reply