Many PHP applications do self-configuration and self-updating. This requires apache to have write access to the PHP files. While
chgrp'ing them all to www-data appears like a good practice to avoid making them world writable, I also wish to allow users to create new files and edit existing one.
Is adding users to the group www-data safe on Debian? For example:
775 root www-data /var/www 644 john www-data /var/www/johns_php_application.php 660 john www-data /var/www/johns_php_applications_configuration_file
© Server Fault or respective owner