AWS EC2 linux for PHP app - question on group

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Forum Newbie
Posts: 15
Joined: Sun Nov 23, 2014 9:26 am

AWS EC2 linux for PHP app - question on group

Post by krot »

My question is based on needing as tight as possible security on my site.

I have an AWS EC2 linux instance running a PHP app for use by anyone from their browser, and developed by myself as owner.
I have not changed any groups.

The directory tree is:

Code: Select all


The owner, groups & permissions are:

Code: Select all

drwxrwsr-x 10 root www 4096 Dec 25 01:03 /var/www
drwxrwsr-x 5 root www 4096 Feb 26 22:42 /var/www/html
drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_s
drwxr-xr-x 7 ec2-user www 4096 Feb 24 20:29 /var/www/html/AWS_s/nm-app
drwxr-xr-x 4 ec2-user ec2-user 4096 Apr 9 19:05 /var/www/html/AWS_s/cr-app
Any ideas as to why /cr-app was automatically given the group ec2-user rather than the same group as nm-app which is www?
Which owner:group is more secure?
Post Reply