FTP upload wrong permissions

0
votes

Added "youri" to the www-data group

grep youri /etc/group

www-data:x:33:youri
youri:x:1004:

When i upload something with FTP, the file permission is -rw-------

ls -all

total 176
drwxr-xr-x 2 youri youri   4096 feb 25 12:38 .
dr-xr-xr-x 3 youri youri   4096 feb 25 12:08 ..
-rw-r--r-- 1 youri youri     17 feb 25 12:27 index.php
-rw------- 1 youri youri 164655 feb 25 12:24 test.pdf (uploaded with FTP)

The file index.php is created by nano and changed the permissions by sudo chown youri:youri index.php

When i access my website it shows me the index.php but /test.pdf gives me an "Permission denied" error

1
linuxubuntunginxpermissionsftp

1 Answers

1
votes

Your webserver has no permission to read the file.

Normally, an ftp server has a configuration value called "umask" which is a value defining what permissions NOT to grant (the binary inverse of the value you would give to chmod)

For a better security, most ftp servers like vsftp ship with a default umask of 055 or 077

As you can see, your index.php is not executable. Although it technically is just read, semantically the script is being executed by your webserver. And the webserver runs as the user www-data.

To have this work, change the following:

- Make youri's default group www-data: usermod -g www-data youri
- Change /etc/vsftpd.conf and set a umask of 022
- Restart vsftpd
- chmod 755 index.php (or delete it and upload it again)