Security & Permissions Question Topic is solved
Security & Permissions Question
I have Vesta Panel, and i have created some user (let's say testuser for example).
Create a web, and put some files inside.
These files has the testuser as owner.
I Set the files permissions as rwx------ (700 - all permissions only for the owner-all other users deny any access)
I Checked that apache proccess run at apache user.
Even all these, the files still is accessible from web- the only way to make this files not accessible is to change owner or remove permissions even from the owner! Why? - is web users inherits the testuser permissions?!
Please help me to understand why this happens...
thank you
Create a web, and put some files inside.
These files has the testuser as owner.
I Set the files permissions as rwx------ (700 - all permissions only for the owner-all other users deny any access)
I Checked that apache proccess run at apache user.
Even all these, the files still is accessible from web- the only way to make this files not accessible is to change owner or remove permissions even from the owner! Why? - is web users inherits the testuser permissions?!
Please help me to understand why this happens...
thank you
Re: Security & Permissions Question
Why you want to remove the permission? I can't find any sense in your request.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Security & Permissions Question
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Re: Security & Permissions Question
Ok with this. But if i want my Vesta Users to have write permissions for example to a file and i dont want the web users have, how can achieve this?! the only solution is to change the owner of the file?
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Security & Permissions Question
All VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.
Re: Security & Permissions Question
Thank you for your answer. I will change the persmissions my self to strict the access! :)mehargags wrote: ↑Mon Jul 23, 2018 9:19 pmAll VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.