1

I am dynamically creating files with laravel, I need to give them specific permissions by using chmod and change the user and group with chown.

I tried to enter the following lines to my /etc/sudoers by using visudo.

NOTE: Always use visudo otherwise you might corrupt the file.

www-data ALL=(ALL) NOPASSWD: chmod
www-data ALL=(ALL) NOPASSWD: chown

But I get syntax errors on these lines.

Improve this question
3
  • Giving a web server user permission to change file ownership and flags as root is potentially very very dangerous. An attacker in theory could, for example, make your private keys world-readable or replace your SSL certificate. I hope you're taking every possible care with this! Commented Mar 20, 2017 at 9:38
  • Thanks. But I don't know how a hacker could possibly do this. He would need full access to my webserver. Commented Mar 20, 2017 at 9:40
  • 1
    They could always take advantage of some other vulnerability. For example if you have a script for handling file uploads then they might find a way to co-opt it to upload a malicious PHP file. I know that if they manage to do that they can already potentially do some damage but there's no need making it any easier for them. Commented Mar 20, 2017 at 10:20

1 Answer 1

Reset to default
2

You always have to use the full path to the binary:

www-data ALL=(ALL) NOPASSWD: /bin/chmod
www-data ALL=(ALL) NOPASSWD: /bin/chown
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Can only accept in 2 days. I answered it by myselve in Q&A style to share the knowledge

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.