How to give read write permission to a folder and its sub folders and files?

Question

I have changed ownership of my localhost file on /var/www/ and its sub folders and given it permission 777. However, whenever I add a new folder in it the new folder does not automatically get that permission. How can I give a folder 777 permission forever so that if I add a new folder or file it gets the same permission?

score 17 · Answer 1 · answered Jan 20 '11 at 09:44

17

You can use the recursive option any time. sudo chown -R username /var/www

answered Jan 20 '11 at 09:44

BZ1

598

score 10 · Answer 2 · edited Apr 13 '17 at 12:23

As others have already mentioned, giving 777 permissions on /var/www is a really bad idea, especially in production.

A better solution would be to give write permissions only to the users who needs to modify the files. One of the ways to do that is:

create a new group
add the user(s) who needs to modify the data in /var/www to that group
recursively change the ownership of /var/www to that group
set umask on /var/www so all newly created files are owned by the group we've created.

Another option would be to use ACL, again, to give write permissions only to users who need them.

Here are detailed instructions on serverfault.

Generally, the webserver or other network services or system user accounts should have no write permissions to the files served by the webserver, as this opens a possibility of arbitrary code execution.

score 2 · Answer 3 · edited Jun 12 '20 at 14:37

You should edit /etc/apache/envvars as root with your editor of choice.

Example: ALT+F2
gksudo gedit /etc/apache2/envvars

Go to the end of the file and add a line umask XXX.

Where umask is the binary opposite of the desired permissions value.
For 774 this would be 003. For 777 bad idea it would be 000.

Save.

Restart apache.

Example: sudo apache2ctl restart

This will only affect files/folders that are newly created by the apache user.

Additional note, read and write is 6 in the user, group, or anyone slot.

score 1 · Accepted Answer · edited Nov 19 '13 at 08:05

1

Permissions for newly created files are set by umask

edited Nov 19 '13 at 08:05

answered Jan 20 '11 at 08:49

Vojtech Trefny

15,601

score 0 · Answer 5 · answered Aug 15 '12 at 22:56

I think you want to have write access to /var/www to modify files and dirs. I think the best solution is to install apache2-mpm-itk and in the virtual host config file add /etc/apache2/sites-available/default:

<IfModule mpm_itk_module>
    AssignUserId your-username your-group
</IfModule>

and run chown your-username\: /var/www -Rv this way apache for that virtual host will run with your UID/GID and you will be able to edit files. Even files created by PHP will have your UID/GID

przemo_li · Answer 6 · 2011-01-23T17:11:26.180

Also, some "out of the box" solution is to configure your http server to use different folder. If You use Apache, simply edit it config files. This way You do not have to change permissions for /var/www witch can be bad idea (potential security issues).

And umask is answer for Your question. It can be used to restrict default privileges for newly created folders and files. And distribution developers tend to use it to restrict access to some system folders.

How to give read write permission to a folder and its sub folders and files?

6 Answers6

Linked