LAMP File and Directory permissions
I have an interesting question relating to file and directory permissions on a lamp server in a classroom environment.
I'm teaching a php programming class where my students need ssh, sftp access to the server, however I do not want them to be able to see each others files when using these services. Of course they would all be able to see the interpreted results of the program after the application server is finished, but they absolutely cannot see the source code!!! (it would make grading a moot point). What would be the best way to accomplish the desired result? I'm running fc4 apache 2, php5 and mysql 4.xxx. Currently my DocRoot location is set for /usr/local/apache/htdocs. I was originally thinking of placing home directories under the aforementioned location --> but this cannot be the most secure solution. Any ideas?? And thanks very much in advance for any/all help!!! -D |
Code:
# Allow users to have their own public_html directory Code:
chmod g+s /home/*/public_html Code:
umask 0027 Code:
chmod -R o-rwx /home/*/public_html/ Code:
-rwxr-x--- 1 tim apache 7000 Jul 19 22:02 index.php* and that they don't change them and that they don't use chmod to add permission for the others group. If anyone has a cleaner way of doing this please speak up. |
All times are GMT -5. The time now is 07:43 PM. |