Set or change an Azure App Service file or folder permission

I was using FileZilla to try to change the file permissions and I got this error:

Status:   Setting permissions of '/site/wwwroot/index.html' to '644'
Command:  SITE CHMOD 644 index.html
Response:  500 'SITE': command not understood
Status:   Setting permissions of '/site/wwwroot/index.html' to '755'
Command:  SITE CHMOD 755 index.html
Response:  500 'SITE': command not understood

Then I started looking for some information about this and wasn’t able to get a clear understanding or message.  I did find numerous articles and the Azure App Services forum:

My first reaction was to look into changing the permission using chmod, but that didn’t turn out to be the right direction.  As you can see in Figure 1, running CHMOD 777 on the index file did not result in any change, so although the command seemed to execute successfully, nothing changed.

Figure 1, changing file permission on an Azure App Service, chmod

When I ran the attrib command and set the file to read-only, as described here, it apparently worked.

Figure 2, changing file permission on an Azure App Service, attrib

Then I attempted to modify the file and got this error, also shown in Figure 3.

ERROR


409 Conflict: Could not write to local resource 'D:\home\site\wwwroot\index.html'
due to error 'Access to the path 'D:\home\site\wwwroot\index.html' is denied.'.

Figure 3, changing file permission on an Azure App Service, attrib +r

At those links provided above, David Ebbo stated “Only the site owner is allowed to publish to the site, e.g. using FTP or GIT.  At runtime, your app is allowed to write to the file system. If the logic in your app allows users to upload files, and then write those files to the file system, then they will be written.  So obviously, if you write such app, you want to be careful what you write on behalf of users. But users themselves don’t have any intrinsic rights to write anywhere.”  And Jim Cheshire stated “The ACLs on your site’s folders are set using an application pool identity, the SID of which is dynamically injected into the process when it starts. This security model is different from the Unix-based environment that your plugin is expecting, and it provides a more secure environment.”

I take it to mean the ACL and SID features.  Have a read about Access Control Lists (ACL) here.  Have a read about Security Identifiers (SID) here.

I interpret both statements to mean that you do not need to set file permissions by default.  If you have coded something in your application that warrants changing file permissions then that is another matter.
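
To see what actually governs writes to a file here, the read-only attribute and the ACL can be inspected side by side, with each ACL entry matched against the SIDs in the running process's token. This is an added example, not part of the original post or any Microsoft tooling; the function name Get-WriteState is hypothetical, and it assumes a PowerShell debug console on a Windows App Service where the process is allowed to read the file's ACL.

```powershell
# Added example (not from the original post). Assumed to run in the App Service
# PowerShell debug console; the default path is the file from the 409 error above.
function Get-WriteState {
    param([string]$Path = 'D:\home\site\wwwroot\index.html')

    $item = Get-Item -LiteralPath $Path -Force

    # Read-only is a file attribute (what "attrib +r" sets), separate from the ACL.
    $readOnly = $item.Attributes.HasFlag([System.IO.FileAttributes]::ReadOnly)

    # SIDs carried by the current process token: the user SID plus its group SIDs.
    $me     = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $mySids = @($me.User.Value) + @($me.Groups | ForEach-Object { $_.Value })

    # Read the ACL with identities left as SIDs so they compare directly to the token.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) |
        ForEach-Object {
            [pscustomobject]@{
                Sid       = $_.IdentityReference.Value
                Type      = $_.AccessControlType   # Allow or Deny
                Rights    = $_.FileSystemRights
                Inherited = $_.IsInherited
                InMyToken = $mySids -contains $_.IdentityReference.Value
            }
        }

    [pscustomobject]@{
        Path      = $item.FullName
        ReadOnly  = $readOnly
        RunningAs = $me.Name
        UserSid   = $me.User.Value
        Rules     = $rules
    }
}

$state = Get-WriteState
$state | Format-List Path, ReadOnly, RunningAs, UserSid
$state.Rules | Format-Table -AutoSize

# A read-only file rejects writes regardless of the ACL; this is the inverse of
# "attrib +r" and changes no permissions. Uncomment to clear the flag.
# Set-ItemProperty -LiteralPath $state.Path -Name IsReadOnly -Value $false
```

If ReadOnly is True while the rules marked InMyToken still allow write access, the denied write comes from the attribute rather than from the ACL.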

I’d be interested in learning about any web-based scenario where file permissions needed to be specifically set.  Leave a comment if you have one.