I have a web server and I'm uploading files using an FTP client. Because of that the owner and the group of the file are taken from the user used during the upload.
Now I have to make this file writable by the web server (apache/apache).
One way would be to just change the owner and the group of the uploaded file to apache/apache, but that way I cannot modify the file using the FTP account. Another way would be to give the file 777 permissions.
Both approaches seem not very professional and a little bit risky. Are there any other options? In Windows I can just add another user to the file. Can something similar done with Linux?
You can change the group of the files:
If this is a RedHat based distribution you can use setfacl to do this without a group and set it to happen by default:
Allowing a group of users to maintain a set of files is one thing: you just set add them to a common group and set the ownership of the existing files and directories to that group, then set the sticky group bit on any directories (subsequently files should be added as writeable by the group by default).
You need to be very careful and very selective about what files you make writeable by the webserver to avoid code injection issues - do NOT add the webserver uid to the user group defined above - keep these files completely separate from the other content on the website (i.e. in a seperate directory with all cgi / php etc disabled), preferably outside the document root completely. Most FTP servers allow you to set the upload permissions (0666 for files, 0777 for directories) and/or set the other sticky bit on directories.
C.
for setfacl to work, the partition has to be mounted with 'acl' option