Linux Permissions & Ownership

[EdEichman]

...any comments on the below would be greatly appreciated...

PrestaShop Linux Owners and Permissions

 

How to get this right?

 

Goals

• Installation as secure as possible

• As few problems with (PrestaShop) (modules / themes / plugins / updates) as possible (permissions problems could potentially cause a lot of funky problems and wasted debugging time)

• Easy pull from git

• Possible to push to git from server for PrestaShop updates, which need to be installed on the server and pushed.

Possibilities

root Owner

• root owns PrestaShop folder and all contents (except files / folders created by apache, which I assume have apache owner)

• public read permission on PrestaShop folder and all contents.

• default disabled write and execute permissions on PrestaShop folder and all contents.

• public write permission on the folders that PrestaShop needs to write to. Need complete list. Start with https://gist.github.com/alexsegura/9650651 and https://www.prestashop.com/forums/topic/142606-wrong-themes-folder-permission/

• root does a git pull automatically when someone adds code to the central repository. Pull is done via the post-receive hook (lots of internet documentation on this). Problem: permissions for new folders might cause problems if PrestaShop needs to write to them. Also, what permissions do git checked out files get by default?
  Also need root ssh key on bitbucket

• PrestaShop updates need to be done via root

apache Owner

• apache owns PrestaShop folder and all contents

• default owner execute permissions

• default group read and write permissions

• non-root user added to apache group to allow daily tasks and sftp operations (solves a current problem I have with sftp)

• apace does a git pull automatically when someone adds code to the central repository. Pull is done via the post-receive hook (lots of internet documentation on this). Also need root ssh key on bitbucket

• Is apache as owner of PrestaShop dir & all contained files and folders a security risk? Late breaking news: yes, it is a security risk.

• PrestaShop updates need to be done via apache. Can I log in as apache?

• This configuration avoids permissions surprises from plugins, prestashop, etc.

non-root user Owner

From security advice I’ve read, I putty and sftp in via a non-root user with sudo permissions (via passphrase)

• non-root owns PrestaShop folders and all contents

• apache added to non-root group

• default owner/group execute permissions

• default owner/group read/write permissions

• non-root does a git pull automatically when someone adds code to the central repository. Pull is done via the post-receive hook (lots of internet documentation on this). Problem: permissions for new folders might cause problems if PrestaShop needs to write to them. Also, what permissions do git checked out files get by default?

• PrestaShop updates need to be done via non-root.

apache / root Owner Mix (WINNER SO FAR)

• root is default owner of all PrestaShop folder and all contents

• public read permission on PrestaShop folder and all contents.

• default disabled write and execute permissions on PrestaShop folder and all contents.

• apache owner on the folders that PrestaShop needs to write to. Need complete list. Start with https://gist.github.com/alexsegura/9650651 and https://www.prestashop.com/forums/topic/142606-wrong-themes-folder-permission/

• root does a git pull automatically when someone adds code to the central repository. Pull is done via the post-receive hook (lots of internet documentation on this). On new files / folders from git, who is owner? Does it inherit ownership from the parent folder, or get root ownership since root is checking out?

• If needed, refresh apache as owner in apache owned folders recursively as part of the pull operation.

• PrestaShop updates need to be done via root, and then owners reset in the dirs that PrestaShop need to write to.

Edited May 12, 2015 by EdEichman (see edit history)