On Sun, 2010-06-27 at 20:43 +0200, glaskoncILLa wrote:
> Hi,
>
> whats the best way to solve permission/location issue of directory which
> serves for uploading files for later usage with web application?
>
> Application has authentication over htpasswd defined in installation
> process, so is it ok to give full permission for everyone on that
> directory which is placed in /usr/share/PACKAGE?
> Or is it better to give standard permissions and put note about it in
> DEBIAN.readme?
>
> Or is there some other way..?
Hi Nenad,
Firstly, if the directory will grow in size it should be somewhere
under /var, rather than being in /usr. Imagine that people may desire
to install /usr on a readonly partition, for security or embedded
reasons.
If it is something that can happily be cleaned out and will be replaced,
then /var/cache is a good starting point, or if it is more precious than
that then you probably want to create /var/lib/PACKAGE for this content,
and perhaps if it is likely there will be other directories for this
application in the future you may want to make
it /var/lib/PACKAGE/uploads or something along those lines.
You should set permissions on the directory to be the sort of
permissions you see as minimum necessary for the application and
administration of it. I would tend to suggest something like mode 660,
owner root, group www-data. If subdirectories might also be created in
there then you may want to make that group sgid (mode 2660).
Regards,
Andrew McMillan.
--
------------------------------------------------------------------------
andrew (AT) morphoss (DOT) com +64(272)DEBIAN
You will be given a post of trust and responsibility.
------------------------------------------------------------------------
Attachment:
signature.asc
Description: This is a digitally signed message part