I know that one should avoid setting file/folder permissions to 777 and instead use a more granular approach.
I would like to know, if there are specific cases when using chmod 777 on a webserver is justified.
Asked
Active
Viewed 410 times
0
-
1chmod 777 on *what*? i.e. a directory in the web server path, or somewhere else. Without a specific example, the only possible answer is one of 'maybe' or 'possibly' or 'probably'. – EightBitTony Jun 06 '12 at 11:31
-
2In which situation are you really interested? There are going to be different answers depending on what environment you're in (corporate, small business, public facing server, personal VM, etc). – squillman Jun 06 '12 at 11:38
-
2If you are struggling to find valid cases, then surely you've already answered your question – symcbean Jun 06 '12 at 12:11
1 Answers
4
No. There are always ways to tighten up permissions appropriately.
Ignacio Vazquez-Abrams
- 45,939
- 6
- 79
- 84
-
2If you have a directory to which everyone in the universe genuinely needs full access, then 777 is justified. I think it's naive to say it's *never* required. Sure, it should be unusual and by exception only, but it's not inconceivable. – EightBitTony Jun 06 '12 at 11:32
-
1
-
@EightBitTony: Even then, the directory should probably be set to **1**777 like `/tmp/` or `/var/tmp/`. The [sticky bit](https://serverfault.com/questions/10353) allows a world-writable directory, while preventing users from deleting each others' files. (If the users trust each other so much that they _should_ delete each others' files, then they should probably get their own group and a 0770 directory to play in.) – Kevin J. Chase Jun 10 '16 at 11:19