As courtesy we host our clients' website files. Each client has their own Linux account, and website files are served from /home/user/public_html.

All of the clients' files have ownership of user:user. Permissions for the accounts are 755, and this allows them to upload and manage files via SSH, and Apache can serve files too, since it has read access via the "everyone else" permissions. With this setup, users are free from worry that other users can modify their files.

The problem comes in with a Wordpress, Drupal, or other CMS where the software is responsible for self updates and file management is done through the website's interface (Wordpress' Media Library, for example.)

To do this a user or group has to have write access. Many solutions on the net advise the following ownership and permissions setup on web files and directories that need to be routinely updated / modified:

  • ownership: user:www-data
  • permissions: 775
  • user becomes a member of the www-data group

With this setup, two undesirable things happen. The first is that, because they are of the same group, users can now access other users' accounts and, accidentally or not, modify, delete or upload files, which is a big security risk, especially if a user uploads a plugin or module with malicious code.

The second is that after uploading an image through the interface, for example, that file is now owned by www-data:www-data and the user can no longer manage these files via ssh / ftp.

Is there a way to force www-data to respect the ownership of the files so that user is always the user? What's the proper way to set up Apache in a multi user environment where Apache needs write access but I avoid these permission and security issues?

  • reference for setting up ownership and permissions for wordpress: https://www.smashingmagazine.com/2014/05/proper-wordpress-filesystem-permissions-ownerships/ – user658182 Jan 25 '17 at 18:31
  • What you need is: http://askubuntu.com/q/46331/158442 – muru Jan 30 '17 at 15:50
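The setup described in the question, exercised by an added audit script that is not part of the original question or its comments. It assumes the `/home/<user>/public_html` layout and the shared `www-data` group from the question, and builds a throwaway sample tree instead of touching real accounts; it only reports, it changes nothing.

```shell
#!/bin/sh
# Read-only audit of the layout described in the question:
# <root>/<user>/public_html owned by user, group www-data, mode 775.
# Two checks: directories the whole shared web group can write to, and
# files whose owner is not the account that owns the site.

# Directories under $1, owned by group $2, with the group write bit set.
# Every member of that group can create, rename or delete entries there,
# so with a shared www-data group that means every hosted account.
group_writable_dirs() {
    find "$1" -type d -group "$2" -perm -020 2>/dev/null | sort
}

# Files under site directory $1 not owned by uid $2 (the site's account).
# After a CMS upload these are typically owned by the web server user and
# the account can no longer manage them over SSH/FTP.
foreign_owned_files() {
    find "$1" -type f ! -user "$2" 2>/dev/null | sort
}

# Constructed sample tree (assumption: no real accounts are involved):
# alice followed the 775 advice, bob kept 755. Prints the tree's path.
demo_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/alice/public_html/wp-content/uploads" "$t/bob/public_html"
    chmod 755 "$t/alice" "$t/bob" "$t/bob/public_html" \
              "$t/alice/public_html/wp-content/uploads"
    chmod 775 "$t/alice/public_html" "$t/alice/public_html/wp-content"
    touch "$t/alice/public_html/index.php" \
          "$t/alice/public_html/wp-content/uploads/photo.jpg"
    printf '%s\n' "$t"
}

# Run on the constructed tree with: sh audit.sh --demo
# On a real host: group_writable_dirs /home www-data
if [ "${1:-}" = "--demo" ]; then
    t=$(demo_tree)
    echo "group-writable directories:"
    group_writable_dirs "$t" "$(id -gn)"
    echo "files not owned by $(id -un):"
    foreign_owned_files "$t/alice/public_html" "$(id -u)"
    rm -rf "$t"
fi
```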
