# Permisssions Issue



## Mayhem30 (Dec 13, 2010)

I'm hoping someone can clear things up for me.

What I'm trying to do is have the apache as the owner of all my web files - but let my username have read / write access to the files (so I'm able to sftp in as "mayhem" and edit the files).

In the /etc/group file, I have :


```
www:*:80:mayhem
```

All my webfiles are set to www:www (dir = 755 / files = 644)

I belong to the www group - should this not give me full access to the files?


----------



## Alt (Dec 13, 2010)

Mayhem30 said:
			
		

> What I'm trying to do is have the apache as the owner of all my web files


Its bad idea cus a php script can change all your web files :\


----------



## SirDice (Dec 13, 2010)

Mayhem30 said:
			
		

> All my webfiles are set to www:www (dir = 755 / files = 644)
> 
> I belong to the www group - should this not give me full access to the files?



No. The owner has read, write, execute on directories, the group and world have read and execute. You are not the owner.

Handbook: 3.3 Permissions


----------



## fronclynne (Dec 13, 2010)

Mayhem30 said:
			
		

> All my webfiles are set to www:www (dir = 755 / files = 644)
> 
> I belong to the www group - should this not give me full access to the files?



You need to set g+w


----------



## Mayhem30 (Dec 14, 2010)

I've always been confused by the whole owner, group and world part.

If i set a file / dir to 777, that gives read / write / execute to every user on the system, correct?

Is this a security risk from outsiders just visiting the website? Does 777 give them permission to do anything with the files?


----------



## SirDice (Dec 14, 2010)

Mayhem30 said:
			
		

> I've always been confused by the whole owner, group and world part.
> 
> If i set a file / dir to 777, that gives read / write / execute to every user on the system, correct?
> 
> Is this a security risk from outsiders just visiting the website? Does 777 give them permission to do anything with the files?



It's never a good idea to make files or directories world writable. Set the permissions like this:


```
chown -R mayhem:www /path/to/website
find /path/to/website -type d -exec chmod 755 {} \;
find /path/to/website -type f -exec chmod 644 {} \;
```

That will give you, as the owner, full permissions while the www user and world can only read.


----------



## Mayhem30 (Dec 14, 2010)

Thank you very much!


----------

