Issue
I'm setting up a shared hosting. My users have SFTP access to the server to upload their contents. I'm using separate PHP processes running as respective users (one per site). I want the users to not see other users' contents by default (except via the web server as any other unprivileged client), but the web server (running as www-data user/group) should be able to read everything. Right now I'm giving the ownership of files in www to particular users and group ownership to www-data and using the set GID bit to propagate the group ownership to new files/directories (users are not in www-data group).
It worked fine, but now I'm facing a problem. Some of the sites are using wordpress and when they upload files the set GID bit is lost meaning that the web server has no access to it. Is there some way to configure either PHP or wordpress (more likely) to chmod files and directories into the right permissions?
Note: I'm not using safe mode in PHP, so it should be able to add the set GID bit.
Update: I've tried tweaking the FS_CHMOD_DIR and FS_CHMOD_FILE values in wordpress config. I assumed that this would allow me to chmod the uploaded files to whatever I wanted. However, it did not affect the permissions of newly uploaded files. From the info in codex I guess these settings apply to core update function only.
Thanks!
Solution
This is not the answer to the exact question, but rather a solution to the problem in general. Assign the ownership of user's web directory to user/www-data and set the permissions to 750, no SGID bit. Users must not belong to the www-data group. However, inside that directory the group ownership can be set to the users' main group (e.g. users). The permissions inside can be 644 and 755 for files and subdirectories respectively. The security is provided by the fact that other users will not be able to enter or traverse this web directory and therefore will not be able to access any files inside even though they have enough permissions to access the files themselves. This will restrict both users connecting via SFTP and executing PHP commands.
Since this solution does not use the set GID bit it solves the original issue. Uploaded files can be left with their default ownership and permissions.
A little demonstration:
transistor# mkdir www
transistor# chown :www-data www
transistor# chmod 750 www
transistor# ls -l
total 4
drwxr-x--- 2 root www-data 4096 Feb 20 20:59 www
transistor# touch www/file1.txt
transistor# mkdir www/subdir
transistor# touch www/subdir/file2.txt
transistor# ls -l www
total 4
-rw-r--r-- 1 root root 0 Feb 20 21:00 file1.txt
drwxr-xr-x 2 root root 4096 Feb 20 21:00 subdir
transistor# ls -l www/subdir
total 0
-rw-r--r-- 1 root root 0 Feb 20 21:00 file2.txt
transistor# exit
giedrius@transistor:/tmp/sandbox$ cd www
bash: cd: www: Permission denied
giedrius@transistor:/tmp/sandbox$ ls www/subdir
ls: cannot access www/subdir: Permission denied
giedrius@transistor:/tmp/sandbox$ cat www/file1.txt
cat: www/file1.txt: Permission denied
giedrius@transistor:/tmp/sandbox$ cat www/subdir/file2.txt
cat: www/subdir/file2.txt: Permission denied
giedrius@transistor:/tmp/sandbox$ sudo -su www-data
transistor% ls www
file1.txt subdir
transistor% cat www/file1.txt
transistor% cat www/subdir/file2.txt
transistor%
Answered By - Giedrius Kudelis Answer Checked By - Terry (WPSolving Volunteer)