Howdi folks

I am having annoying issues with my Debian Squeeze box that are driving me insane. I built the server pretty much following the guide in the Linode docs.. but all my CMS's are having strange problems.

On my none linode host, all permissions for uploaded files are set to 604 (r/w, none, read) and Joomla (for example) works fine. This is due to the assumption that the system is the owner and has full read/write permissions. INstallations, plugin installation etc work fine on that host..

Then there is my LINODE host. The ONLY way I can get Joomla installations to work so I can manage fully from the admin backend is to set permissions at 777 (or 666). This is of course bogus.

In debian WHAT is the name of the web manager owning process, or the system account so I can set the owner of the web files to 604 and for them to work. I have tried apache:apache as owner/group with no success.

Latest build of Debian from the stack scripts.

Thanks in advnace for any assitance

On your non-linode host, you're probably running suexec/suphp, and "your FTP login", ie the files' owner, is what PHP runs at.

At a standard out of the box Debian setup, PHP runs as the webserver user/group, "www-data".

I recommend keeping the files' ownership as "you" (whatever your login is, non-root), but make the writable areas owned by group www-data, and group-writable.

Do not make the actual PHP files writable by PHP - just the attachments directory and other stuff that needs to be writeable by day-to-day operations. Also secure those writeable directories in your webserver's config file so PHP code put in them can't execute.

_________________
rsk, providing useless advice on the Internet since 2005.