0

I am running lighttpd and I have the root directory of my website in my user home folder.

I would like to serve the website, but not allow other users on the machines to view my home folder or the files within it.

The current permissions of 755 allow other users to view my files, if they know where they are (since they can't list the directory). Is it possible to make my files only accessible to the webserver? (Group permissions?)

verhogen
  • 333
  • 2
  • 4
  • 14

1 Answers1

1
chmod 750 $FOLDER
chown :www-data $FOLDER

you may need to change www-data to whatever user lighttpd is running as (it IS running as a user, right?)

neoice
  • 874
  • 4
  • 17
  • I still need to chmod 755 my home directory though, right? I'd rather avoid that. – verhogen Sep 27 '09 at 20:33
  • the same commands should work on your home directory. permissions are owner/group/user. if you set the last one to 0, no one that isnt you or in your group will be able to access it. on most Linux systems, you have your own personal group as well. so your folder permissions would look like: $you rwx/$you rx/everyone else - this is obviously too strict, hence the 'chown' command, setting the folder to be accessed by the web server. you may want to read 'man chmod' and 'man chown' as well as the Wikipedia page "File system permissions." – neoice Sep 27 '09 at 23:22
  • sorry, comment formatting is ugly. – neoice Sep 27 '09 at 23:24
  • right; i didn't see the colon after the chown – verhogen Sep 28 '09 at 06:52
  • oh, no problem. I didnt even know I could do that for a long time. – neoice Sep 28 '09 at 18:14