Sample code sharing about assigning permissions to the website directory under Linux

It is very important to assign permissions to directories when building a website, and it is also something that programmers who build a website must know. The following article mainly summarizes for you linux Friends who need it can refer to the experience and skills of assigning permissions to the website directory. Let’s take a look below.

Preface

On the InternetSearchThe website folder permission configuration is generally: Folder permissions minimum permission 755 Minimum file permissions 644

It is easy to understand that files are readable, writable and executable, but the permissions of folders need to be carefully sorted out. Here are some of my experiences to share with everyone. If you need them, take a look. Detailed introduction:

Preliminary work

First create a folder test

mkdir test

in this directory Create a 1.txt file and write 111

cat > 1.txt
111

NowExitAnalyze and change the directory permissions one by one

Do not use the root user to create files folder, because the file permission configuration is invalid for the root user

The executable permissions of the directory

chmod 111 test

After testing, only cd testEnter the directory, but can neither ls list the directory nor touch 2.txt a new file, but cat 1.txt can still be read to the content

So we summarize

The executable permissions of the directory are that the user can enter or switch to the directory, but cannot list the directory and create new files. The original file can be read The permissions belonging to the file are set to readable

The permissions for the directory are writable

chmod 222 test

The most intuitive change is that the color of the directory becomes darker ( ps, the file will also become darker when executable permission is given)

You can try some of our common commands

ls test
cd test
cat test/1.txt
touch test/2.txt

The result is that nothing can be done

ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot open directory test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied
ubuntu@VM-8-81-ubuntu:~$ touch test/2.txt
touch: cannot touch ‘test/2.txt': Permission denied

Now we are here Add executable permissions to the changed directory

chmod 333 test

and found that except that the directory cannot be listed normally with ls, the rest cd touch cat can be executed, so we draw the conclusion

linux If you want to create a file in a folder, you must have writable and executable permissions, that is, the permission size is 333. If you only give write permissions, nothing can be done

Readable permissions for the directory

chmod 444 test

ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot access test/1.txt: Permission denied
ls: cannot access test/2.txt: Permission denied
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied

Summary: The directory has readable permissions to list directories

The website only has readable permissions and can only list directories. Other cd cat cannot be executed, so what is the permission if the website is set to 555?

ubuntu@VM-8-81-ubuntu:~$ chmod 555 test
ubuntu@VM-8-81-ubuntu:~$ cd test/
ubuntu@VM-8-81-ubuntu:~/test$ ls
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~/test$ touch 3,txt
touch: cannot touch ‘3,txt': Permission denied

You can see that except the touch command that cannot create new files, other commands can still be executed

At this point, it is easy to deduce that the folder with 666 permissions is readable and writable but has no execution permissions. It is impossible to enter the directory, but with readability and writability, the basic permissions are also available. 777 permissions are the maximum permissions of the folder. Permissions

Looking back and analyzing the first sentence of the article, the minimum permissions of the folder when building the website are 755, and the minimum permissions of the files are 644

There is a user permission allocation problem here

When chmod modifies permissions, each file or directory has three groups of access permissions. Each group is represented by three digits, which are the read, write and execute permissions of the file owner; the read and write permissions of users in the same group as the owner. and execution permissions; the read, write and execution permissions of other users in the system

Folder permissions 7 and file permissions 6 are assigned to Linux management users. Apache defaults to www ordinary users for users who access the website. Therefore, the file permissions are 755, which means that ordinary users can only have the permission to view and browse the website, but do not have the permission to create files or upload files. Generally, if you need a special folder such as upload or tmp folder to store some For temporary files, you need to set the folder permission to 777 and the file permission to 644, which means you can only view but not modify it

Summary

The above is the detailed content of Sample code sharing about assigning permissions to the website directory under Linux. For more information, please follow other related articles on the PHP Chinese website!