[ALUG] File permissions for FTP and Apache
MJ Ray
mjr at phonecoop.coop
Fri Mar 27 11:09:23 GMT 2009
Mark Rogers <mark at quarella.co.uk> wrote:
> MJ Ray wrote:
> > Why would it? If the directory is group-writeable but the files
> > aren't, Apache could delete them (IIRC), but you can avoid that by
> > setting the sticky bit (+t) on the directory. See man chmod.
>
> The files would need to be group-writable for Apache to be able to write
> to them,
Why does Apache need to be able to write to the files? I thought the
problem was "images will be uploaded by the website admin backend as
well" so I dismissed your "write to the files" statement as
misleading. I thought that you wanted Apache to be able to write new
files to that directory (so the directory is +t and g+w), but avoid
allowing it to write to the actual files uploaded by PureFTP (so the
files don't need to be g+w).
> but the way PureFTP works (with virtual FTP users) is that all
> files from all users have ftpuser.ftpgroup ownership, so adding Apache
> to ftpgroup would give Apache write access to all FTP users' files.
Surely not, as long as PureFTP isn't creating the files g+w?
If it is, then I think your umask is wrong for your need. See
http://download.pureftpd.org/pub/pure-ftpd/doc/README
http://download.pureftpd.org/pub/pure-ftpd/doc/README.Configuration-File
for how to change it.
Hope that helps,
--
MJ Ray (slef)
Webmaster for hire, statistician and online shop builder for a small
worker cooperative http://www.ttllp.co.uk/ http://mjr.towers.org.uk/
(Notice http://mjr.towers.org.uk/email.html) tel:+44-844-4437-237
More information about the main
mailing list