file permissions owner, group, public clarification (web)

Question

Could someone please explain owner/group/public permissions on files and directories in a web environment.

My current understanding is that "Owner" is the person who created the file.

Group, presumably are permissions granted to any user in Group 'Foo', and Public is, well, everyone.

What I don't quite get is how this translates to a web environment.

Are "Public" users people who visit the site as guests? What about groups? And what are the risks of having a file CHMOD'd to 0777 - what could a public user do with a file if they were given execute permission - surely this is the same as just accessing a script directly (foo.com/bar.php)

hopefully this is clear enough

thanks for any insight.

Answer 1

Your web server is running under a specific user. When someone accesses a file on a server it typically goes through the user associated with the web server. Try writing a script that actually create a new file, see who the owner is.