Page 1 of 1
Security & Permissions Question
Posted: Sat Jul 21, 2018 5:09 am
by iolabs
I have Vesta Panel, and i have created some user (let's say testuser for example).
Create a web, and put some files inside.
These files has the testuser as owner.
I Set the files permissions as rwx------ (700 - all permissions only for the owner-all other users deny any access)
I Checked that apache proccess run at apache user.
Even all these, the files still is accessible from web- the only way to make this files not accessible is to change owner or remove permissions even from the owner! Why? - is web users inherits the testuser permissions?!
Please help me to understand why this happens...
thank you
Re: Security & Permissions Question
Posted: Sun Jul 22, 2018 8:49 am
by ScIT
Why you want to remove the permission? I can't find any sense in your request.
Re: Security & Permissions Question
Posted: Mon Jul 23, 2018 10:55 am
by mehargags
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Re: Security & Permissions Question
Posted: Mon Jul 23, 2018 3:03 pm
by iolabs
mehargags wrote: ↑Mon Jul 23, 2018 10:55 am
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Ok with this. But if i want my Vesta Users to have write permissions for example to a file and i dont want the web users have, how can achieve this?! the only solution is to change the owner of the file?
Re: Security & Permissions Question
Posted: Mon Jul 23, 2018 3:05 pm
by iolabs
ScIT wrote: ↑Sun Jul 22, 2018 8:49 am
Why you want to remove the permission? I can't find any sense in your request.
thanx for your reply but you dont understand the question... i dont want to remove the permission.. i want exactly the opossite! see the other anwers to understand! :)
Re: Security & Permissions Question
Posted: Mon Jul 23, 2018 9:19 pm
by mehargags
iolabs wrote: ↑Mon Jul 23, 2018 3:03 pm
mehargags wrote: ↑Mon Jul 23, 2018 10:55 am
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Ok with this. But if i want my Vesta Users to have write permissions for example to a file and i dont want the web users have, how can achieve this?! the only solution is to change the owner of the file?
All VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.
Re: Security & Permissions Question
Posted: Tue Jul 24, 2018 2:46 pm
by iolabs
mehargags wrote: ↑Mon Jul 23, 2018 9:19 pm
iolabs wrote: ↑Mon Jul 23, 2018 3:03 pm
mehargags wrote: ↑Mon Jul 23, 2018 10:55 am
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Ok with this. But if i want my Vesta Users to have write permissions for example to a file and i dont want the web users have, how can achieve this?! the only solution is to change the owner of the file?
All VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.
Thank you for your answer. I will change the persmissions my self to strict the access! :)