dso (mod_php) and FTP/File permissions
Question
I'm a bit baffled here. But it might just be my lack of experience.
I have setup PHP DSO (mod_php) and my server runs smoothly and stable. The issue is, though, that in order to run php with includes and everything, I had to set all user account files (/home/*/public_html/*) owner to nobody:nobody.
This introduces two questions for me: - Is this really necessary? I'd rather have them user:user - What about FTP? If I upload files using FTP, they're owned by user:user so they can't be included in another php file (throws errors). Files that are owned by nobody:nobody can't be modified through ftp..
FYI: I also have SuEXEC enabled. Should I disable this?
FYI2: I know I could set all permissions to 777, but that's just wrong.
Thanks a lot!
1 answers
solution1
0 ACCPTED 2012-03-10 10:26:13
Ordinary "nobody" should only read executing files, and write/own only files that can be changed by php. Most files owner should be your ftp user.
Bad practice to keep php rights to change executable files.
Also if "nobody" has rights to run as root it provides php (and therefore users) all his rights.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.