creating html file with Root permissions - Apache Web Server forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

creating html file with Root permissions

mike2010

7:34 pm on Feb 20, 2013 (gmt 0)

10+ Year Member

We all know with PHP and other programs that need the right file permissions in order to overwrite the file and store in DB.

But what about with ordinary HTML files created from scratch in an FTP program...and don't require other programs to overrite them. Only manual overwrite while i'm connected to FTP. And the file contents of these pages are just very basic HTML and nothing else.

I've got conflicting data on whether or not THESE must be owned by the domain user as well....or if they could be owned by Root and still viewed correctly by all on the internet.

example, I like created files with WinSCP...but unfortunately their always created as a Root file with root permissions.

With every browser I view these Root files in, they show up completely fine. But some people say they should be changed to the domain user permission name...as they could cause some browser viewing issues.

Thoughts ?

I figure what's the difference if i'm the only one (Root) overwriting these files...It shouldn't cause any viewing issues from my ordinary visitors right ?

phranque

12:12 pm on Feb 21, 2013 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

Top Contributors Of The Month

it depends on the owner/group of the file and permissions settings for the file as well as the user running the apache process and the groups to which the apache process user is assigned.

the process running the server must have read access either as the owner outright or by being in the same group as the owner or by setting read privileges for the file to "the world".

if your apache process is running as 'root', that would explain things but you should fix that - very insecure/unsafe!

mike2010

8:51 pm on Mar 5, 2013 (gmt 0)

10+ Year Member

I'm generally talking about files under a domain name and in /httpdocs/ ...and with general 644 permissions throughout.

As long as it's not a dynamically controlled file (by php , mysql or other) ....and as long as it's just a basic html file.... It shouldn't matter whether the file is owned by the FTP owner or owned by Root.. ?

that's basically what I mean. In my 10 years of doing this, i've never had a permission denial error (in any browser) when trying to view such file...as long as it's a basic html file.

If it's a forum or other type of database file in which apache/php needs access to to automatically change....I could understand in those instances.. But if it's an ordinary .html file i'm trying to change using a FTP client...whether I change it in Root or with the separate FTP owner permissions.... These files shouldn't ever have a problem displaying to ordinary visitors, regardless of their browser. Correct ?

phranque

12:04 am on Mar 6, 2013 (gmt 0)

WebmasterWorld Administrator

10+ Year Member

Top Contributors Of The Month

if you give the world read access, that means all processes can read that file including the web server.

mike2010

10:53 pm on Mar 7, 2013 (gmt 0)

10+ Year Member

short and sweet enough. thx

(knew I was right)