[Box-Admins] box2:/var/www/files permissions update
Chris Muller
ma.chris.m at gmail.com
Tue Feb 25 19:37:15 UTC 2014
Okay. I may not be clear on what the exact role of each user/group is
supposed to play. Is website an account only for what the squeak.org
_web server_ needs? Or is it an account for web-team members to put
out the files to support the web-site?
Would there be a security advantage for the web-site to run under an
account that does not have write-access to anything it doesn't need..?
On Tue, Feb 25, 2014 at 1:29 PM, Ken Causey <ken at kencausey.com> wrote:
> On 02/25/2014 01:22 PM, Chris Muller wrote:
>>
>> I was unable to create a "4.5" directory as the "updates" user on
>> box2. Owner and Group permission for the "files" directory (rwxr x r
>> x) belonged to "website".
>>
>> In fact, website does not need write access, just read. "updates"
>> needs write access.
>>
>> So I gave ownership of "files" to the "updates" user. website still has
>> group.
>>
>> - Chris
>>
>>
>
> While it can certainly be changed the management of the FTP site aka Files
> was assigned to the webteam which had control of the website account and
> could divvy out access to team members as needed. When this failed, anyone
> with access to the root account (now sudo access) can always step in.
>
> The practice in the past was for someone with either website or superuser
> access to create a new directory for the release and give updates write
> access to it.
>
> Ken
More information about the Box-Admins
mailing list