It is very important to assign permissions to directories when building a website, and it is also something that programmers who build websites must know. The following article mainly summarizes the experience and skills of assigning permissions to directories when building a website under Linux. Friends who need it You can use it as a reference, let’s take a look below.
Preface
When searching for website folder permissions on the Internet, the configuration is generally: Minimum folder permissions 755 Minimum file permissions 644
It is easy to understand that files are readable, writable and executable, but the permissions of folders need to be carefully sorted out. Here are some of my experiences to share with you. If you need it, let’s take a look at the detailed introduction:
Preliminary work
First create a folder test
mkdir test
in Create a 1.txt file in this directory and write 111
cat > 1.txt 111
Now exit the directory and analyze and change directory permissions one by one
Don’t Use the root user to create the folder, because the file permission configuration is invalid for the root user
Executable permissions of the directory
chmod 111 test
After testing, I can only cd test
enter the directory at this time, but I can neither ls list the directory nor touch 2.txt
a new file. But cat 1.txt
can still read the content
So we conclude that the executable permissions of the
directory are that the user can enter or switch to the directory, But I can't list the directory and create new files. I can read the original file because the permissions of the file are set to readable
The directory is writable
chmod 222 test
The most intuitive change is that the directory color becomes darker (ps, the color will also become darker when the file is given executable permissions)
You can try some of our common The result of the command
ls test cd test cat test/1.txt touch test/2.txt
is that nothing can be done
ubuntu@VM-8-81-ubuntu:~$ ls test ls: cannot open directory test: Permission denied ubuntu@VM-8-81-ubuntu:~$ cd test bash: cd: test: Permission denied ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt cat: test/1.txt: Permission denied ubuntu@VM-8-81-ubuntu:~$ touch test/2.txt touch: cannot touch ‘test/2.txt': Permission denied
Now we are adding executable permissions to the changed directory
chmod 333 test
Found that except that ls cannot list the directory normally, the rest of cd touch cat
can be executed, so we draw the conclusion
If you want to create a file in a linux folder, you must have writable and executable permissions, that is, the permission size is 333. If you only give write permissions, nothing can be done.
Read permissions for the directory
chmod 444 test
ubuntu@VM-8-81-ubuntu:~$ ls test ls: cannot access test/1.txt: Permission denied ls: cannot access test/2.txt: Permission denied 1.txt 2.txt ubuntu@VM-8-81-ubuntu:~$ cd test bash: cd: test: Permission denied ubuntu@VM-8-81-ubuntu:~$ cat test/1.txt cat: test/1.txt: Permission denied
Summary: The read permission of the directory can only list the directory
The website only has read permission and can only list the directory. Other cd cat cannot be executed. So what is the permission of the website if it is set to 555?
ubuntu@VM-8-81-ubuntu:~$ chmod 555 test ubuntu@VM-8-81-ubuntu:~$ cd test/ ubuntu@VM-8-81-ubuntu:~/test$ ls 1.txt 2.txt ubuntu@VM-8-81-ubuntu:~/test$ touch 3,txt touch: cannot touch ‘3,txt': Permission denied
You can see that except the touch command that cannot create new files, other commands can still be executed
At this point, it is easy to infer that the folder with 666 permissions is readable and Write but no execute permission, cannot enter the directory, but it is readable and writable, and the basic permissions are also available. The 777 permission is the maximum permission of the folder
Let’s go back and analyze the article first In a word, the minimum permissions of the folder when building the website is 755, and the minimum permissions of the files are 644
There is a user permission allocation problem
When chmod changes permissions, the access permissions of each file or directory There are three groups, each group is represented by three digits, which are the read, write and execute permissions of the file owner; the read, write and execute permissions of users in the same group as the owner; the read, write and execute permissions of other users in the system.
Folder permissions 7 and file permissions 6 are assigned to Linux management users. Apache defaults to www ordinary users for accessing the website, so the file permissions 755 means that ordinary users can only view and browse the website. permissions, but no permissions to create files or upload files. Generally, if you need a special folder such as upload or tmp folder to store some temporary files, you need to set the folder permissions to 777, and the file permissions to 644, which means you can only view but not modify them.
The above is the detailed content of How to assign permissions to the website directory under Linux. For more information, please follow other related articles on the PHP Chinese website!