I was going to ask this on http://unix.stackexchange.com/ but I realized I might get my face verbally bitten off for being a Linux moron and not being able to find the answer online. (I have looked and found lots of information, but it’s conflicting and disjointed for what I’m trying to do.)
I need to allow Apache to have read-only access to /var/www/html, but I need another user (an FTP user) to have read and write access.
In my limited understanding of Linux permissions, the two users should be members of a group, and that group should own the folders, and the permissions set on the group.
But to me this implies that all users with access to a folder must therefore have the same level of access. This is not what I want.
My goal is to use SFTP to upload and edit files (from FileZilla) but to try and make the server as secure as possible. I will be setting the FTP user to only have access from a given IP address (I know how to do this bit so don’t need help with that).
Also, the FTP user should only have access to /var/www/html and anything below it.
Can someone explain how to give different levels of access to different users of the same folders in Linux? Also, any advice on how permissions should be set on /var/www/html would be appreciated.
The server is CentOS 6. The web server is Apache.