So let’s say that I have a LAMP stack project hosted on a Linux server with cPanel on it with only one user. What are the permissions that I’m supposed to set on a file with passwords and API keys stored in it?
2 Answers
The best permissions for you will be 644. It means that the owner (the user who will deploy the code) has read and write permissions, and the group and other users have only read permission. If your user is in the same group as the web-server user (www-data, apache2, etc.) and the file is owned by this group, you can reduce permissions to 640; with this config all other users have no rights to read/write/execute the file.
It should be 0600, which means only the owner can read and write. If accounts other than the owner need to read it, use setfacl.
Or
Generally speaking you don’t want sensitive info to be readable by others.
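
The modes discussed in the answers above (644, 640, 0600) can be checked and tightened with a short script. This is an added example, not code from either answer; the function names are hypothetical and the file it runs on is a constructed temporary file standing in for the real secrets file.

```sh
#!/bin/sh
# Added example: classify and tighten the mode of a secrets file.

# Print the octal permission bits of a file (GNU stat, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Report who, beyond the owner, has any access to the file.
#   644 -> world-accessible, 640 -> group-accessible, 600 -> owner-only
classify_secret_mode() {
    csm_mode=$(file_mode "$1") || return 2
    case $csm_mode in
        *[1-7])  echo "world-accessible" ;;   # last digit: "other" bits set
        *[1-7]?) echo "group-accessible" ;;   # middle digit: group bits set
        *)       echo "owner-only" ;;
    esac
}

# Set 0600 and confirm that the result is owner-only.
harden_secret() {
    chmod 600 "$1" || return 1
    [ "$(classify_secret_mode "$1")" = "owner-only" ]
}

# Create a new, empty secrets file that is never readable by anyone else,
# not even briefly: the umask applies only inside the subshell.
create_secret_file() {
    ( umask 077 && : > "$1" )
}

# Demo on a constructed temporary file.
demo_file=$(mktemp)
chmod 644 "$demo_file"
echo "before: $(file_mode "$demo_file") $(classify_secret_mode "$demo_file")"
harden_secret "$demo_file"
echo "after:  $(file_mode "$demo_file") $(classify_secret_mode "$demo_file")"
rm -f "$demo_file"
```

The mode bits do not show POSIX ACL entries, so a file that reports owner-only here can still be readable by an account granted access through setfacl.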