Blocking 766 Permissions?

[Ynhockey]

I have a web app that creates new directories with 766 permissions. It appears that something (very likely cPanel, because it also blocks 777) blocks direct access to files in such directories, whereas 755 works.

I'd like to make sure that it's indeed cPanel, and also: is this intentional? Is there a configuration option to specifically allow 766, and if so, how dangerous would this be?

 

[dalem]

cpanel does not set your file permissions or block them

its likely you have SUPHP enabled in Apache

 

[Ynhockey]

Thanks for your answer. I looked for info about whether/how/why SuPHP blocks direct access to these files and whether I can configure either PHP or Apache (more likely) to allow access at least in some way. Unfortunately the search comes up blank, although there are resources confirming what you said (that it has to do with SuPHP).

Going directly to the SuPHP docs, I found these:
allow_file_others_writeable,
allow_directoy_others_writeable

Which seem to address my question. However, I am not quite clear on the best to configure SuPHP under cPanel/WHM. Can I do it manually and the settings will stay? Or will they be overwritten next time EA is run or Apache reconfigured? Is there documentation for this in cPanel/WHM?

 

[quizknows]

Generally SuPHP denies folder perms above 755 and file perms above 644. I do not advise changing this. If your 'umask' is set properly (normally 0022) then it may be an issue with the app.

If you legitimately cannot get the app to make the folders with 755 like it should, the options for SuPHP are in /opt/suphp/etc/suphp.conf

The options that would concern you are:
allow_directory_group_writeable=false
allow_directory_others_writeable=false

You could also try fcgi with suexec instead of SuPHP... it may not fix your problem but it's a bit faster/more efficient than SuPHP.

 

[cPanelMichael]

I have a web app that creates new directories with 766 permissions. It appears that something (very likely cPanel, because it also blocks 777) blocks direct access to files in such directories, whereas 755 works.

Hello,

Is there a particular reason your application needs to create directories with those permissions? Do you notice any specific error messages with directories created with 0755 permissions?

Thank you.