im looking to enable 770 permissions on a sub-server’s public_html directory (or one or more directories under that) so that the lone user of said sub-server can sftp new files into it in automated fashion.
ive got everything working for testing purposes, but wanted to make sure i wasnt creating a security issue by moving into production with the proposed permissions?
It is reasonably safe as long as you aren’t using mod_php or any execution mode that runs scripts as the web server user.
I assume, of course, that you trust the users in the domain (all mail/FTP users are in the domain group) to not be nefarious actors (or just dangerously incompetent).
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.