Security always comes first. It is recommended to keep your files secure on your systems. No one liked that anyone misused their hard work due to silly mistakes. Many of fresher set file permissions to 777 on production servers to avoid any permission issue. But they are doing big mistakes by setting world writable permissions. Use previous tutorial to search files with 777 permission on Linux system.
It is always advised to keep the file and directory permissions to minimal. May of the web application framework suggest to keep permissions for all directories to 755, and all files to 644. So this tutorial will help you to do this.
Change Permissions Recursively
Change directory with cd command to the desired location under with you need to all directories to 755, and all files to 644 permissions.
cd /home/user/public_html
Then use first command to chmod 755 for all directories and sub directories. The second command will change all the files permission to 0644 (chmod 644) under the directory tree.
find . -type d -exec chmod 0755 {} \;
find . -type f -exec chmod 0644 {} \;
You can also change permission using xargs command to do this quickly.
find . -type d -print0 | xargs -0 chmod 755
find . -type f -print0 | xargs -0 chmod 644
Here directory permission 0755 is similar to “rwxr-xr-x” and file permission 644 is equal to “rw-r–r–“.
Change Permission for Specific files
Instead of changing permission for all files, you can also target the specific files with similar extensions. For example you have PHP application on your server. And you don’t want to allow others to execute php files.
Then use the following command to chmod 0640 to all file with php extension:
find . -type f -name "*.php" -exec chmod 0640 {} \;
The file permission 0640 will restrict others with no permissions. This will add an extra layer of permissions.
Conclusion
In this tutorial, you have learned to chmod all files or directories available under a directory tree.
1 Comment
chmod -R ugo+rwX ?
X vs x, apply execute only on directories vs all files and directories..