Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hello,
I created a project using my user and then the PHP code creates some folders and files. So when I check ownerships and permissions, I see the entire project is a mix of different ownerships for the folders and files.
Because the files of the project that were created by me are owner by my user name and my user group. But then when I use Laravel to create folders and files then it's owned by www-data user name and www-data group.
The problem is I am using VSCode Remote (SSH) and then I can't access/edit the files created by the server with my user and I do chown every time, because I'm currently working on a file storing script.
How can I make my user be able to also view/edit the files created by www-data securely?
I know there are a few approaches and I was recommended by someone to use setfacl command.
Or maybe I should add my user to www-data group? But people told me this approach is bad (in production) because if someone gets access to the web server he gets access to the entire system.
Now I know it's not a production site yet, but I would like to know best practices to do that - i.e. to allow my user to also view/edit files creates by the web server
Thanks!
add your user to www-data group. It sounds like the advice you had against this was more about serving your site as root or adding www-data to another group with more permissions
When I want to run artisan commands in production I usually run them as the server
runuser -u www-data -- php artisan inspire
I add myself to www-data group also
also, when setting up the cron job, do it with the www-data user else you can end up with log files owned by you
crontab -e -u www-data
Please or to participate in this conversation.