[CentOS] Is it bad for my web document folder to be user accessible?

Mon Sep 19 16:23:04 UTC 2005
Preston Crawford <me at prestoncrawford.com>

On Tue, 2005-09-20 at 01:06 +0900, Dave Gutteridge wrote:
> ... except that's where the process stopped. My regular user account
> doesn't have permission to write into the /var/www/html folder.
> 
> Should I just chmod the folder to 777? Is there a reason it's not
> already user accessible?

I'm not going to tell you what to do, because I'm not entirely certain
what best practices on this would be. I'll just tell you what I do. What
I do is this. First off, in the case of applications like phpMyAdmin
(which may be easier to install via yum, if it's in there, can't
recall), I let the application go where it's supposed to go. Same with
CVSWeb, etc. So I wouldn't have to touch it, because it would be
readable by "other", so like 755, which is what /var/www/html is to
start with. So for applications like that I don't need to change
permissions.

For my personal applications I usually create a group for web
development. Then I put myself in that group and I create a directory
under /var/www/sites/ (a folder I create with root) for my application
which I think make 775 with ownership of root:<webdevgroup>. This way I
can freely copy files into that directory, without modifying the
permissions of /var/www/html. Then, as I mentioned earlier I setup a
virtual host for this directory. I explained that in an earlier thread.
That way when I go to http://mytestingserver I get that directory served
up to me as if it were a root URL. I can copy files in, etc. and I'm not
messing around with any of the pre-installed directories.

That's what I do, but I'm not sure what best practices are. I go that
extent, mostly because I know I'll end up working on 5 or 6 other sites,
so they all need to have their own directory. Plus it just feels cleaner
to put them in separate directories, then use virtual hosts. Whether it
is or not, maybe someone else can answer.

Preston