LiteSpeed Support Forums

LiteSpeed Support Forums (http://www.litespeedtech.com/support/forum/index.php)
-   Install/Configuration (http://www.litespeedtech.com/support/forum/forumdisplay.php?f=11)
-   -   Recommended umask permission setting (http://www.litespeedtech.com/support/forum/showthread.php?t=5703)

thelunny 02-15-2012 06:12 PM
Recommended umask permission setting
 
May I know what is the recommended umask value for a shared environment using LiteSpeed? I realise Litespeed is not able to read the docroot if the permission is anything below 755.

Can we set it to 700 but still allow Litespeed to read it? Can we load apache's mod_ruid2 module for this purpose?

What are the ways the improve file permission security for a shared environment?

NiteWave 02-15-2012 07:20 PM
you can set those permissions in lsws admin console:
Server->Security->File Access

thelunny 02-15-2012 08:12 PM
Good to have this as a feature on Litespeed. However, I tried setting the Required Permission Mask to 077, it doesn't work? I'm looking to only serve files of 700 permission.

Do I need to set the Restricted Permission Mask as well?

How does this Required Permission Mask and Restricted Permission Mask works? Couldn't catch much through the documentations. Mind explaining this a little on how Litespeed does the checks?

Thank you!

webizen 02-16-2012 11:27 AM
Required Permission Mask means only if file permission matches with permission mask defined (see (man 2 stat) for all values), file gets served.

Restricted Permission Mask means if file permission matches with permission mask defined, file can not be served.

For shared hosting environment, you can remove everything for others. i.e., have each file with 750(or 640) permission and owner:webserver ownership.


All times are GMT -7. The time now is 11:26 PM.