group write privileges on web dirs

Discussion in 'Feature Requests' started by bambam82, Oct 27, 2010.

  1. bambam82

    bambam82 New Member


    i would suggest to have group write privileges on all webdirs because of the following:
    For example:
    We have a client. This client has multiple websites. He wants to control these websites via 1 FTP user. In the options you can point to /var/www/clients/client1 instead of /var/www/clients/client1/web1.
    But you are only allow to write to web1 because that is your current user. You are not allowed to write to web2, because other directories don't have the group write bit set....

    It is possible to change this for a current directory, but when a change occurs, your settings are gone again.

    This change doesn't have impact on the security because it is still the same user/client.

    Could this feature be added in the next release?

    Many thanks. Bart Dorlandt
  2. bambam82

    bambam82 New Member

    web subdir, group read access also


    I just saw we will need to change the subdir "web" also to have group read access. This would help me and my client a lot.
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    This has a impact on security and thats why we do not use group write access in ISPConfig. It makes a big difference if a client has ten sites and one of them gets hacked. With the current setup, this affects only one site. With your modification, it will affect all sites and all sites have to be reinstalled. Additionally, some security extensions for apache will not start with group writable permissions.
  4. bambam82

    bambam82 New Member


    i'm sorry you're right. good point.
    Last edited: Oct 27, 2010

Share This Page