Have files written to webroot as a different user

Issue #14 resolved
John Ruperto created an issue

Wasn't sure where to put this but my understanding of your script is that the apache user needs to be able to write to the web root, essentially where my project is. A lot of Linux documentation suggests against having the www-data (or other apache owner) user or group able to write into the webroot, for security reasons in case of compromise.

So my question is if it's possible within the deploy script to have it write the files to the webroot as the folder owner (in my case a user called john) instead of the apache user since this means I have to set files to be writable by www-data.

Comments (3)

  1. Alexandru Lixandru repo owner

    Hello,

    You are correct. Indeed, the apache user (www-data) needs to have write access to your files for 2 reasons:

    1. To store commit metadata files received from the post hook (into the 'commits' folder)
    2. To perform the actual deployment (add/del/replace your project files within your webroot)

    For #1 there's not much you can do, as far as I know - the apache user needs to be able to persist that piece of data to files. You can mitigate risks by placing the commit folder outside webroot and giving write access to that folder only, while keeping read-only access for the rest of the files.

    For #2 there is a solution: have the deploy.php script be executed through a cron job, under the desired user. For this you need to make sure automatic deployment is not triggered from the gateway script (see config.php).

    I hope this helps.

    Thanks, Alex
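An added example (not part of the project or of this thread) of the layout Alex describes: a webroot that www-data can only read, a 'commits' folder outside it that the server's group may write to, and a check a defender can run to confirm nothing under the webroot is group- or world-writable. User name, paths and the php CLI invocation in the cron comment are assumptions.

```shell
#!/bin/sh
# Added example, not the deploy project's own code. Paths and the deploy
# user ('john') are assumptions; the layout below is constructed for testing.

# Return 0 if nothing under $1 is writable by group or others, 1 otherwise.
# -perm -020 (group write) and -perm -002 (other write) are POSIX octal masks.
webroot_is_readonly_for_server() {
    offenders=$(find "$1" \( -perm -020 -o -perm -002 \) -print 2>/dev/null)
    if [ -n "$offenders" ]; then
        printf 'writable by group/other:\n%s\n' "$offenders" >&2
        return 1
    fi
    return 0
}

# Build a constructed layout under $1: a read-only webroot (public_html) next
# to a group-writable 'commits' folder that lives outside the webroot.
make_sample_layout() {
    root=$1
    mkdir -p "$root/public_html" "$root/commits"
    printf '<?php echo "hi";\n' > "$root/public_html/index.php"
    chmod 755 "$root/public_html"
    chmod 644 "$root/public_html/index.php"
    # Only the commits folder is group-writable, for the www-data group
    # (ownership would be set with chown john:www-data, which needs root).
    chmod 770 "$root/commits"
}

# Cron entry for the deploy user, assumed to run deploy.php via the php CLI
# every 5 minutes, with automatic deployment from the gateway script turned
# off in config.php (install with: crontab -e as user john):
#   */5 * * * * /usr/bin/php /home/john/deploy/deploy.php
```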

  2. John Ruperto reporter

    Thanks Alex.

    For #1 that is acceptable considering data is outside webroot. I will take up your suggestion for #2 as I think that would work better for me considering commits aren't happening that frequently.

    Cheers, John
