Correct Apache var/www permissions

Question

I'm new to writing permissions in Apache. This is a shared sever of which I have one account on it.

I was having an issue with FileZilla not being able to write to my var/www directory and in an attempt to change its permissions I think I have made it worse.

Here are my current settings

$ ls -l
total 40
drwxr-xr-x  2 root root  4096 Feb  5  2013 backups
drwxr-xr-x  7 root root  4096 Jul 30  2013 cache
drwxr-xr-x 26 root root  4096 Jul 30  2013 lib
drwxrwsr-x  2 root staff 4096 Apr 15  2008 local
lrwxrwxrwx  1 root root     9 Feb  5  2013 lock -> /run/lock
drwxr-xr-x  7 root root  4096 Jul 30  2013 log
drwxrwsr-x  2 root mail  4096 Feb  5  2013 mail
drwxr-xr-x  2 root root  4096 Feb  5  2013 opt
lrwxrwxrwx  1 root root     4 Feb  5  2013 run -> /run
drwxr-xr-x  4 root root  4096 Feb  5  2013 spool
drwxrwxrwt  2 root root  4096 Feb  5  2013 tmp
drwxrwx---  2 root root  4096 Jul 30  2013 www

Can anyone tell me what are the correct permissions to have on the www folder, and even better how to obtain them?

I think it should be

drwxrwxr-x  2 root root  4096 Jul 30  2013 www

Thanks

Answer 1

There is no such thing as "correct permissions".

There's the permissions setup which was used as default in your installation.

There's the right permissions to use for YOUR security model

You appear to be using a security model which requires non-standard permissions, And you've not once mentioned 'users' or 'groups' let alone what your security model is.

As root, you should chown /var/www to whoever should 'own' the directory (hint: it's neither root nor the apache uid) then set the group ownership appropriately (we can't tell from the information you've provided what that is - but again it's neither root nor the apache uid) then chmod o_rx the directory.

Then please go learn a bit about Linux/Unix admin - try googling for "the rute"