Linux – Is chmod 700 on a directory sufficient to prevent arbitrary access to subdirectories

After more research it seems like another (possibly better way) to answer this would be to setup the www folder like so.

1. sudo usermod -a -G developer user1 (add each user to developer group)
2. sudo chgrp -R developer /var/www/site.com/ so that developers can work in there
3. sudo chmod -R 2774 /var/www/site.com/ so that only developers can create/edit files (other/world can read)
4. sudo chgrp -R www-data /var/www/site.com/uploads so that www-data (apache/nginx) can create uploads.

Since git runs as whatever user is calling it, then as long as the user is in the "developer" group they should be able to create folders, edit PHP files, and manage the git repository.

Note: In step (3): '2' in 2774 means to 'set Group ID' for the directory. This causes new files and sub directories created within it to inherit the group ID of the parent directory (instead of the primary group of the user) Reference: http://en.wikipedia.org/wiki/Setuid#setuid_and_setgid_on_directories

Like zed said but you probably have service running which mean that it if you do this, these services will not be able to read theses files either if the service doesn't run under the user permission, which is rarely the case, most service runs under their own users.

ACL (Access control list) are what you may need. Here is the official doc http://centos.org/docs/5/html/Deployment_Guide-en-US/ch-acls.html

Follow the documentation by editing the /etc/fstab and remounting the partition then simply

setfacl -m d:o:--- /home/user1/
setfacl -m d:u:rwx /home/user1/

o for others, u for users.
Now retreive the acl :

getfacl /home/user1/

I recommend you read the docs and do some tests. Hope this helped.