Linux permissions snafoo!

[rexehuk]

Having some issues with ACLS and inherited permissions.

Giving RWX via setfacl to apache to storage directory.

My application is creating new folders as it goes in the storage directory... but when it does so it seems to be setting the acls, but with effective of --X for apache.

This means I can't even view the folders!

Anyone know why the effectives are dropping to x only?

 

[Uhtred]

I'm a bit of a Linux noob but isn't this to do with unmask?

 

[rexehuk]

I'm a bit of a Linux noob but isn't this to do with unmask?

May well be that! Makes sense.

So I'll set unmask 002 on apache and that should hopefully solve the issue.

However... Does this not introduce a huge security risk? If you let a user upload a php file such as shell and Apache auto makes it executable then that sounds scary?