Mark Rogers mark@quarella.co.uk wrote:
MJ Ray wrote:
Why would it? If the directory is group-writeable but the files aren't, Apache could delete them (IIRC), but you can avoid that by setting the sticky bit (+t) on the directory. See man chmod.
The files would need to be group-writable for Apache to be able to write to them,
Why does Apache need to be able to write to the files? I thought the problem was "images will be uploaded by the website admin backend as well" so I dismissed your "write to the files" statement as misleading. I thought that you wanted Apache to be able to write new files to that directory (so the directory is +t and g+w), but avoid allowing it to write to the actual files uploaded by PureFTP (so the files don't need to be g+w).
but the way PureFTP works (with virtual FTP users) is that all files from all users have ftpuser.ftpgroup ownership, so adding Apache to ftpgroup would give Apache write access to all FTP users' files.
Surely not, as long as PureFTP isn't creating the files g+w? If it is, then I think your umask is wrong for your need. See http://download.pureftpd.org/pub/pure-ftpd/doc/README http://download.pureftpd.org/pub/pure-ftpd/doc/README.Configuration-File for how to change it.
Hope that helps,