is it safe to chmod 775/664 with owner www-data:www-data?

linux web-server permissions chmod chown

Solution 1:

Usually you just want to have upload folders or autogenerated files to be writable by the www-data user.

Anyway, the risk you are opening here is that if your web application has any bug/vulnerability that might allow an attacker to execute code on your server, this code will execute as www-data (the user the apache process is running) and it could completely delete all your websites.

Related

Loaded Vs Unloaded Patch Panels
VMware disk usage and thin provisioning: numbers don't add up?
Can spammers extract valid email addresses from my mail server?
Allow access to particular folder inside HOME directory to other users
Is Webmin recommended for recent releases of Ubuntu? [closed]
CentOS6 installation from CentOS5 box?
How does SQL Server handle simulataneous read/write requests?
How to create FTP accounts with webmin? [closed]
How do I restore (xterm|gnome-terminal) wrapping after telnet to HP equipment has messed it up?
Too many httpd processes running and CentOS server freeze
Are there separate desktop and server versions of CentOS?
Setting SPF record on Amazon Route 53 with cli53 tool