How to assign permissions to the website directory under Linux

It is very important to assign permissions to directories when building a website, and it is also something that programmers who build websites must know. The following article mainly summarizes the experience and skills of assigning permissions to directories when building a website under Linux. Friends who need it You can use it as a reference, let’s take a look below.

Preface

When searching for website folder permissions on the Internet, the configuration is generally: Minimum folder permissions 755 Minimum file permissions 644

It is easy to understand that files are readable, writable and executable, but the permissions of folders need to be carefully sorted out. Here are some of my experiences to share with you. If you need it, let’s take a look at the detailed introduction:

Preliminary work

First create a folder test

mkdir test

in Create a 1.txt file in this directory and write 111

cat > 1.txt
111

Now exit the directory and analyze and change directory permissions one by one

Don’t Use the root user to create the folder, because the file permission configuration is invalid for the root user

Executable permissions of the directory

chmod 111 test

After testing, I can only cd testenter the directory at this time, but I can neither ls list the directory nor touch 2.txta new file. But cat 1.txt can still read the content

So we conclude that the executable permissions of the

directory are that the user can enter or switch to the directory, But I can't list the directory and create new files. I can read the original file because the permissions of the file are set to readable

The directory is writable

chmod 222 test

The most intuitive change is that the directory color becomes darker (ps, the color will also become darker when the file is given executable permissions)

You can try some of our common The result of the command

ls test
cd test
cat test/1.txt
touch test/2.txt

is that nothing can be done

ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot open directory test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied
ubuntu@VM-8-81-ubuntu:~$ touch test/2.txt
touch: cannot touch ‘test/2.txt': Permission denied

Now we are adding executable permissions to the changed directory

chmod 333 test

Found that except that ls cannot list the directory normally, the rest of cd touch cat can be executed, so we draw the conclusion

If you want to create a file in a linux folder, you must have writable and executable permissions, that is, the permission size is 333. If you only give write permissions, nothing can be done.

Read permissions for the directory

chmod 444 test

ubuntu@VM-8-81-ubuntu:~$ ls test
ls: cannot access test/1.txt: Permission denied
ls: cannot access test/2.txt: Permission denied
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~$ cd test
bash: cd: test: Permission denied
ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt
cat: test/1.txt: Permission denied

Summary: The read permission of the directory can only list the directory

The website only has read permission and can only list the directory. Other cd cat cannot be executed. So what is the permission of the website if it is set to 555?

ubuntu@VM-8-81-ubuntu:~$ chmod 555 test
ubuntu@VM-8-81-ubuntu:~$ cd test/
ubuntu@VM-8-81-ubuntu:~/test$ ls
1.txt 2.txt
ubuntu@VM-8-81-ubuntu:~/test$ touch 3,txt
touch: cannot touch ‘3,txt': Permission denied

You can see that except the touch command that cannot create new files, other commands can still be executed

At this point, it is easy to infer that the folder with 666 permissions is readable and Write but no execute permission, cannot enter the directory, but it is readable and writable, and the basic permissions are also available. The 777 permission is the maximum permission of the folder

Let’s go back and analyze the article first In a word, the minimum permissions of the folder when building the website is 755, and the minimum permissions of the files are 644

There is a user permission allocation problem

When chmod changes permissions, the access permissions of each file or directory There are three groups, each group is represented by three digits, which are the read, write and execute permissions of the file owner; the read, write and execute permissions of users in the same group as the owner; the read, write and execute permissions of other users in the system.

Folder permissions 7 and file permissions 6 are assigned to Linux management users. Apache defaults to www ordinary users for accessing the website, so the file permissions 755 means that ordinary users can only view and browse the website. permissions, but no permissions to create files or upload files. Generally, if you need a special folder such as upload or tmp folder to store some temporary files, you need to set the folder permissions to 777, and the file permissions to 644, which means you can only view but not modify them.

The above is the detailed content of How to assign permissions to the website directory under Linux. For more information, please follow other related articles on the PHP Chinese website!