Managing Permissions

Sometimes you need to make sure that the permissions for web accessible directories are correct (especially were recently asked to review a rather large existing website for security flaws). As a general rule of thumb it is safe for directories to be 755 and files to be 644. There are some easy ways to do this.

The easiest way to change permissions in bulk is the recursive chmod:

chmod -R 755 /directory

Unfortunately this has its own issues in that this will change everything, it doesn’t make it easy to have directories and files have different permissions. My fix for this is a few simple commands.

To set files below your current directory:
find . -type f -exec chmod 644 {} \;

To set directories below your current directory:
find . -type d -exec chmod 755 {} \;

Sometimes this blanket statement isn’t enough. For instance this will pretty much only work for static html website since no files will be executable. If you run these two commands on a website running something that needs to be executable (PHP or some form of CGI for example).
find . -type f -name \*.php -exec chmod 755 {} \;

One thought on “Managing Permissions

Leave a Reply

Your email address will not be published. Required fields are marked *