Hello everyone,
I posted this in unix/linux but it received no replies, so I assume it was the wrong forum. I'm trying here.
I'm in way over my head with file permissions. The directory and files are sitting on a linux server. I know almost nothing about linux.
The background: I was given a web share by my IT admin. Initially, the web share had 3 users, myself (as the owner) ,root (the group) and everyone. I could copy and paste from my local folder to the web share when at work no problem. But I needed to be able to upload files from home over the web. Whatever the permissions were originally set to, wouldn't let me. So I changed permissions to five Full Control to "everyone", which let me upload. So now, "myself" and "everyone" have Full Control and "root" has partial control.
I then found a webadmin file which listed directory contents etc via the web and allowed me to upload, delete, view etc the files in my directories. I have noticed now that when I copy/paste files as originally, the file permission is set to 764 and the owner is set as "myself", which I assume is correct. But, when I upload the same file using the webadmin via the web, the file permission is set to 644 (according to the settings within the webadmin file) and the owner becomes "www-data".
Also, I notice that on the webadmin, any file that has permissions set as 600,755 or 644 allows me to change those permissions, but any file whose permissions are 764 will not allow me to change those permissions.
I am really confused and worried. My questions, in order of importance:
1) Have I massively compromised the security of my files by changing "everyone" permission to full control?
2) What should my directories and files have permissions set to in order to allow me to upload over the web but not compromise security?
3) For my directory, I assume the "myself" group should have full control. How much control should the other groups have?
4) Why are the permissions of the 764 not changeable but the 600,755 and 644 are?
5) When I upload a file via the web, why does the owner change to "www-data"?
If anyone could possibly spare the time to help me out, I would really be grateful. Thanks.
I posted this in unix/linux but it received no replies, so I assume it was the wrong forum. I'm trying here.
I'm in way over my head with file permissions. The directory and files are sitting on a linux server. I know almost nothing about linux.
The background: I was given a web share by my IT admin. Initially, the web share had 3 users, myself (as the owner) ,root (the group) and everyone. I could copy and paste from my local folder to the web share when at work no problem. But I needed to be able to upload files from home over the web. Whatever the permissions were originally set to, wouldn't let me. So I changed permissions to five Full Control to "everyone", which let me upload. So now, "myself" and "everyone" have Full Control and "root" has partial control.
I then found a webadmin file which listed directory contents etc via the web and allowed me to upload, delete, view etc the files in my directories. I have noticed now that when I copy/paste files as originally, the file permission is set to 764 and the owner is set as "myself", which I assume is correct. But, when I upload the same file using the webadmin via the web, the file permission is set to 644 (according to the settings within the webadmin file) and the owner becomes "www-data".
Also, I notice that on the webadmin, any file that has permissions set as 600,755 or 644 allows me to change those permissions, but any file whose permissions are 764 will not allow me to change those permissions.
I am really confused and worried. My questions, in order of importance:
1) Have I massively compromised the security of my files by changing "everyone" permission to full control?
2) What should my directories and files have permissions set to in order to allow me to upload over the web but not compromise security?
3) For my directory, I assume the "myself" group should have full control. How much control should the other groups have?
4) Why are the permissions of the 764 not changeable but the 600,755 and 644 are?
5) When I upload a file via the web, why does the owner change to "www-data"?
If anyone could possibly spare the time to help me out, I would really be grateful. Thanks.
Comment