www-data

We know there are so many users in Ubuntu system other than our sudo account which are not created by us but by system to cater different tasks in the system. Run the command cat /etc/passwd to see all users in the system. One of them is www-data. Whatever you do from browser, it is recorded as work done as www-data. For example, if you create a file from browser, its owner will be www-data. In simple language, browser is www-data user of your system. It is also called Apache user account or webserver account.If you run command, ps -u www-data you will see  number of Apache processes running and their process ids. This command shows all the running processes under a given user. So by checking the processes of the www-data we can conclude that it is Apache’s account.

If we change our identity by using command sudo su - www-data and run cd command and then pwd, we will see output as /var/www/ which means www-data has its home folder /var/www/. But www-data don’t have any permission to create files in /var/www/. Isn’t it  strange that a user in not owner of his home directory? If not www-data, then who can the owner of /var/www and why it is like this? These are common but important questions which has been answered below.

Actually root is the owner of /var/www. It is so because of security purposes. Suppose, if www-data (Apache) is made the owner of /var/www/ and by mistake we misconfigured Apache server or in other case due some exploitable bug or loop hole in Apache, an evil person over the Internet can send malicious script to our system via Apache. To prevent this danger, root is made the owner of /var/www/. Since root user has ultimate authority over the whole system, if it is an owner of some directory or file then nobody else can dare to interfere with contents. That’s the reason of Linux’s security; the permissions and ownerships.

For analogy, consider the states of India. Each state has Chief Minister who has power within his / her own state. Same is the case of users in the Linux system. Each user is the owner of its home directory. But for some dangerous places like borders with Pakistan from where attack can happen, the overall control and power is come under Prime Minister / President. Same is the case of /var/www which is attack prone area so root has ownership over it.

Advertisements

One thought on “www-data

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s