homepage Welcome to WebmasterWorld Guest from 54.198.130.203
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
creating html file with Root permissions
mike2010




msg:4547217
 7:34 pm on Feb 20, 2013 (gmt 0)

We all know with PHP and other programs that need the right file permissions in order to overwrite the file and store in DB.

But what about with ordinary HTML files created from scratch in an FTP program...and don't require other programs to overrite them. Only manual overwrite while i'm connected to FTP. And the file contents of these pages are just very basic HTML and nothing else.

I've got conflicting data on whether or not THESE must be owned by the domain user as well....or if they could be owned by Root and still viewed correctly by all on the internet.

example, I like created files with WinSCP...but unfortunately their always created as a Root file with root permissions.

With every browser I view these Root files in, they show up completely fine. But some people say they should be changed to the domain user permission name...as they could cause some browser viewing issues.

Thoughts ?

I figure what's the difference if i'm the only one (Root) overwriting these files...It shouldn't cause any viewing issues from my ordinary visitors right ?

 

phranque




msg:4547403
 12:12 pm on Feb 21, 2013 (gmt 0)

it depends on the owner/group of the file and permissions settings for the file as well as the user running the apache process and the groups to which the apache process user is assigned.

the process running the server must have read access either as the owner outright or by being in the same group as the owner or by setting read privileges for the file to "the world".

if your apache process is running as 'root', that would explain things but you should fix that - very insecure/unsafe!

mike2010




msg:4551510
 8:51 pm on Mar 5, 2013 (gmt 0)

I'm generally talking about files under a domain name and in /httpdocs/ ...and with general 644 permissions throughout.

As long as it's not a dynamically controlled file (by php , mysql or other) ....and as long as it's just a basic html file.... It shouldn't matter whether the file is owned by the FTP owner or owned by Root.. ?

that's basically what I mean. In my 10 years of doing this, i've never had a permission denial error (in any browser) when trying to view such file...as long as it's a basic html file.

If it's a forum or other type of database file in which apache/php needs access to to automatically change....I could understand in those instances.. But if it's an ordinary .html file i'm trying to change using a FTP client...whether I change it in Root or with the separate FTP owner permissions.... These files shouldn't ever have a problem displaying to ordinary visitors, regardless of their browser. Correct ?


phranque




msg:4551554
 12:04 am on Mar 6, 2013 (gmt 0)

if you give the world read access, that means all processes can read that file including the web server.

mike2010




msg:4552333
 10:53 pm on Mar 7, 2013 (gmt 0)

short and sweet enough. thx

(knew I was right)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved