I am trying to set the least possible permission on a file, and still be upload files and delete them. I normally use "0755", but I think it is still much for just doing uploading and deleting.
views:
24answers:
2Try 0644. That's "owner read/write, everyone else read". 0755 is the same but adds execute the mix, which you most likely don't want on uploaded files.
And if only the webserver software ever needs to deal the file, you can lock it down further with 0600 (only owner read/write)
You want to list, read & write on a directory, so 0700
. Provided you have set up the correct user(s) for the website, script owner, ftp user, etc. If you cannot harmonize these user(s) into one, creating a group with all the stakeholders, making that the owning group & setting the folder to 0770
should work.
For files that are non executable, the same 0600
vs, 0660
applies, unless you need only one writing user (files 0640
, directory 0750
, owned by the writing user & the stakeholders group).