To enforce the following permissions on files in /var/www, can I use the commands chmod u+s and chmod g+s?
Permissions:
chown -R root:web /var/www chmod -R g+rw /var/www
Asked
Active
Viewed 2,664 times
1 Answers
2
Setting the setgid bit on a directory will cause files and directories to inherit the group ownership of that directory. It will not have any impact on file or directory permissions.
File and directory permissions are controlled primarily by the process umask, which you can set for example in the Apache startup script.
To do what you want, you would first need to recursively set the setgid bit on all the directories in /var/www, and would would need to fix the permissions on existing files, and you would need to make sure all the existing files/directories have appropriate user and group ownership, and you would need to arrange for Apache to use the appropriate umask.
larsks
- 43,623
- 14
- 121
- 180
-
See [this question](http://stackoverflow.com/questions/428416/setting-the-umask-of-the-apache-user) for more information about setting the umask for Apache. – larsks Apr 03 '12 at 18:31
-
Thanks! What are your thoughts on this? http://stackoverflow.com/questions/10000023/are-these-lamp-permissions-secure – Trent Scott Apr 03 '12 at 19:27
-
I've added some comments on that question. – larsks Apr 03 '12 at 20:04