On Sun, 2010-06-27 at 20:43 +0200, glaskoncILLa wrote: > Hi, > > whats the best way to solve permission/location issue of directory which > serves for uploading files for later usage with web application? > > Application has authentication over htpasswd defined in installation > process, so is it ok to give full permission for everyone on that > directory which is placed in /usr/share/PACKAGE? > Or is it better to give standard permissions and put note about it in > DEBIAN.readme? > > Or is there some other way..? Hi Nenad, Firstly, if the directory will grow in size it should be somewhere under /var, rather than being in /usr. Imagine that people may desire to install /usr on a readonly partition, for security or embedded reasons. If it is something that can happily be cleaned out and will be replaced, then /var/cache is a good starting point, or if it is more precious than that then you probably want to create /var/lib/PACKAGE for this content, and perhaps if it is likely there will be other directories for this application in the future you may want to make it /var/lib/PACKAGE/uploads or something along those lines. You should set permissions on the directory to be the sort of permissions you see as minimum necessary for the application and administration of it. I would tend to suggest something like mode 660, owner root, group www-data. If subdirectories might also be created in there then you may want to make that group sgid (mode 2660). Regards, Andrew McMillan. -- ------------------------------------------------------------------------ andrew (AT) morphoss (DOT) com +64(272)DEBIAN You will be given a post of trust and responsibility. ------------------------------------------------------------------------
Attachment:
signature.asc
Description: This is a digitally signed message part