Writing Permissions (Linux) and gii

Hey everybody,

I wanna discuss a somewhat strange behaviour I just stumbled upon. I have my models directory set to 750 (drwxr-x---) and the directory is owned by me as a user and www-data as a group. Now, when I create a NEW model with gii, the permission to do so is denied, as expected. However, if I have an existing model and overwrite it with gii, it is ALLOWED?! Can somebody explain to me why that is? I expected the same outcome as for writing a new file, since gii (www-data) has no write permission in that directory?

Thanks!

E: I think I figured it out. In the case of an overwrite operation, the file permissions are the determining factor and not the folder permissions. So I guess without write permissions on a folder, you can’t create a new file, but if you have write permissions on a file in that folder, you’ll still be able to modify it.

Nevertheless, to expand my question… What are the safest permissions to set on a live server? All folders to 750 and the files to 640 (besides "runtime", "web/assets" and any "upload" directories)?

One old discussion about yii1 assets directory permissions:

http://www.yiiframework.com/forum/index.php/topic/11843-yiis-assets-directory-security-issue/
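The create-versus-overwrite behaviour from the first post can be audited from mode bits alone. The following is an added example, not part of the original thread or of Yii: it reports which directories a given identity could create files in and which existing files it could overwrite. The function names, the `Post.php`/`User.php` sample files and the "owner uid + 1" stand-in for www-data are constructed for illustration; ACLs, root privileges and read-only mounts are ignored.

```python
import os
import stat
import tempfile

def can(st, uid, gids, bit_owner, bit_group, bit_other):
    """Classic Unix DAC: exactly one class (owner, group, other) applies."""
    if uid == st.st_uid:
        return bool(st.st_mode & bit_owner)
    if st.st_gid in gids:
        return bool(st.st_mode & bit_group)
    return bool(st.st_mode & bit_other)

def can_write(st, uid, gids):
    return can(st, uid, gids, stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)

def can_search(st, uid, gids):
    return can(st, uid, gids, stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)

def audit(root, uid, gids):
    """Return (dirs where uid can create files, files uid can overwrite)."""
    creatable, overwritable = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        dst = os.stat(dirpath)
        if not can_search(dst, uid, gids):
            dirnames[:] = []  # cannot traverse: nothing below is reachable
            continue
        if can_write(dst, uid, gids):
            creatable.append(dirpath)  # new files, renames and deletes allowed
        for name in filenames:
            path = os.path.join(dirpath, name)
            if can_write(os.stat(path), uid, gids):
                overwritable.append(path)  # content can be changed in place
    return creatable, overwritable

def demo():
    """Constructed layout: models/ at 750 holding one 660 and one 640 file."""
    models = os.path.join(tempfile.mkdtemp(), "models")
    os.mkdir(models)
    for name, mode in (("Post.php", 0o660), ("User.php", 0o640)):
        path = os.path.join(models, name)
        open(path, "w").close()
        os.chmod(path, mode)
    os.chmod(models, 0o750)
    st = os.stat(models)
    # Hypothetical web-server identity: not the owner, but in the group.
    creatable, overwritable = audit(models, st.st_uid + 1, {st.st_gid})
    return creatable, [os.path.basename(p) for p in overwritable]

if __name__ == "__main__":
    print(demo())
```

With the directory at 750, the group member can create nothing, yet the 660 file is still reported as overwritable while the 640 file is not.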